Milan Technology MIL-W1311, MIL-W0311 manual Access Control Log, To use this feature

Page 78

Chapter 10

10

Access Control

This Chapter explains how to configure and use the Wireless Gateway's "Ac- cess Control" feature.

Overview

The Access Control feature allows administrators to restrict Internet Access by individual PCs. The process uses "Packet Filtering" to block or discard data packets. By default, no packets are blocked or discarded.

To use this feature:

Set the desired restrictions on the "Everyone" group. All PCs are in the "Everyone" group unless explicitly moved to another group, using the PC screen.

Set the desired restrictions on the other groups ("Group 1", "Group 2", etc) as needed.

For each PC you wish to move from the "Everyone" group, enter their details on the PCs screen, and assign them to the desired group.

You can limit Internet access for ALL PCs without entering ANY PC data. Simply apply the desired restrictions to the "Everyone" group.

It is also possible to define your own packet filters, and use these filters in addition to the pre- defined filters. Defining your own filters is optional.

Access Control Log

This log is accessed from the Access Control Log on the Status screen. It shows the attempted accesses which have been blocked.

This log can be used to track the operation of the Access Control feature. Data shown in this log is as follows:

Port - The port used to gain access to this device. Possible values are LAN, WAN, WLAN (Wireless LAN), and RS232 (serial port).

Source IP Address - The IP Address of the PC or device whose access request was blocked.

Physical Address (Hardware Address) - The hardware address of the PC or device whose access request was blocked.

Name - If known, the name of the device whose access was blocked. This name is taken from the Access Control database. For Wireless devices, the name is obtained from the Wireless Stations list, and so will always match the Physical (Hardware) address.

Destination - The destination of the attempted access. Possible values are "Internet", "LAN" or "WLAN".

"Internet" indicates an outgoing connection attempt which was blocked by the Access Control feature.

"LAN" or "WLAN" represents an inward connection attempt which was blocked by the Firewall. These inward connection attempts are not affected by the Access Control settings.

75

Image 78
Contents ShAir Office Table of Contents Wireless Gateway Pcmcia Wireless Card MIL-W1311 only Access Control Wireless LAN ConfigurationAT Commands Standard AT Commands URL Filter Virtual ServersWireless Gateway Features LAN FeaturesIntroduction Internet Access Features Wireless FeaturesNetwork Printer Security Features RAS Remote Access ServicesConfiguration & Management Advanced Internet FunctionsPackage Contents Physical DetailsRear Panel Rear PanelPower port Reset ButtonTo Clear All Data and restore the factory default values Pcmcia slotDIP Switches Restore Default IP Address and Clear PasswordDIP Switch Setting Description Choose an Installation Site InstallationProcedure RequirementsConnect LAN Cable Insert Wireless Pcmcia cardPower Up Connect WAN CableConfiguration OverviewTo Do this Refer to Preparation Configuration ProgramConnecting to the Wireless Gateway If you cant connectPassword Navigation & Data InputQuick Setup Screen Quick Setup OverviewConfiguration Data Quick Setup Screen RouterWireless Buttons CancelWEP Status SaveWireless Screen Data Wireless ScreenConfiguration Wireless Station Access WEP Data PrivacyExisting Stations Access For Wireless Stations listed above PermissionFor Other Wireless Stations New stationDevice Name Status ScreenData Status Screen Physical AddressSystem WAN LinksAccess Control Log Internet Access LogWAN Status Direct Connection DataWAN Status WAN Status PPPoE Status DataConnection Log Disconnect Connection Log MessagesConnect Clear LogTo check your PCs TCP/IP Settings PC ConfigurationTCP/IP Settings Windows ClientsUsing Dhcp Using Specify an IP AddressGateway Tab Win 95/98 Internet Access Accessing AOLPrinting Setup Print Port Driver SetupManagement Port OptionsBanner Windows NT 4.0 Server ConfigurationLPD/LPR Printing RetryWindows 2000 Server Configuration Adding the PrinterClient PC Setup for LPD/LPR Printing Windows 2000 Select PortDial-in Configuration Creating a Dial-in Connection in WindowsUsing the Dial-in Connection Dial-up Networking PropertiesInstalling the Printer Macintosh ClientsPrinting LPD Printing on Linux Internet Access on LinuxLinux Clients To act as a Dhcp Client recommendedOther Unix Systems Wireless Station ConfigurationFor Internet Access via the Wireless Gateway LPD PrintingUsing the Wireless Gateways Dhcp Server Using another Dhcp ServerWhat Dhcp Does To Configure your PCs to use Dhcp Serial Port Serial Port ScreenInternet Access Data Serial Port ScreenModem Dial-In LinksInitial String Modem Properties ScreenData Modem Properties Screen Other PropertiesSave as OtherControlling Dial-in Access Dial -in UsersOverview Existing Users Dial-in Users ScreenData Dial-in Users Screen Other UsersUser Details Screen Data User Details ScreenUser ID Time limit Enable dial-in accessEnforce connection Call backData Serial Port Status Screen Serial Port StatusOverview StatusConnection Log LogSerial Port Password When prompted for the password, leave the User Name blankOptions Remote Management DNS Domain Name ServerNAT Network Address Translation To connect from a remote PC via the InternetData Printer Port Screen Routing TablePrinter Port AppleTalkLogical Printers Printer StatusRouting Screen Using this ScreenRouting Static Routing TableData Routing Screen Static Routing TableLocal Router Router ConfigurationUpdate Other Routers on the Local LANFor Router Bs Default Route For the Wireless Gateways Routing TableFor Router As Default Route Static Routing ExampleAdvanced Internet Advanced Internet ScreenSpecial Applications Screen Using a Special ApplicationSpecial Internet Applications At any time, only one 1 PC can use each Special ApplicationSelect Entry Data Special Applications ScreenManaging Special Application Entries DetailsIncoming URL Filter OperationTips URL Filter Screen Data URL Filter ScreenSite List Virtual Servers IP Address seen by Internet UsersTypes of Virtual Servers WAN IP Address Virtual Server ScreenData Virtual Server Screen Virtual ServersUser Defined Virtual Servers LAN IP AddressManaging User Defined Virtual Servers Data- User Defined Virtual Servers ScreenSelect Server Number External Port Connecting to the Virtual ServersInternal Port NumberData DMZ Screen EnableDMZ Screen LAN IP AddressWAN IP Address Access Control Access Control LogTo use this feature Security Groups Screen OperationsAccess Rights Internet Access for this Group Data Security Groups ScreenPacket Filter Table PCs Screen Data PCs ScreenSelect PC Reserved Network AdapterReserve entry Security GroupTCP Filters Filters ScreenData Filters Screen Port NoTroubleshooting General ProblemsInternet Access Wireless Access Problem 1 My PC cant locate the Wireless Access PointProblem 2 Wireless connection speed is very slow To remove an existing printer port installation PrintingWireless Gateway User Guide Appendix a Troubleshooting Dial-in Access Check the ModemCheck the Remote PC Appendix a Troubleshooting Infrastructure Mode About Wireless LANsAd-hoc Mode ModesWEP Authentication ChannelsAccess Control Wireless LAN ConfigurationRequired Settings AT CommandsAT Commands Setting AT CommandConnection Properties W95/98 Standard AT Commands Command DescriptionATO Extended AT& Commands Specifications Wireless GatewayPcmcia Wireless Card MIL-W1311 only