1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can't get Access Restriction to work

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by stromm, Oct 25, 2005.

  1. stromm

    stromm Network Guru Member

    I'm trying to use Access Restriction to prevent a range of IP from accessing the internet.

    I have a Server 2003 running DHCP and DNS. It provides DHCP services to the workstations, not the WRV54G. It also provides DNS to the workstations and forwards all non-local queries to the WRV54G and than RR's address.

    I Enable a new policy I call "NoInternet", Edit List and enter 192.168.0.10-254 for A RANGE, select Deny, Everyday, 24hrs. Than I use either HTTP as the service or even the "allports" service I created which is range 1-65535.

    I save the settings and have even rebooted the router.

    However, the workstatons in the IP range are still able to access the Internet!

    The only way I am able to block anything is by using a domain name (i.e. yahoo.com) for testing.

    What am I doing wrong? Is it that the WRV54G isn't providing DHCP and DNS?

    Thanks.
     
  2. stromm

    stromm Network Guru Member

    Anyone?
     
  3. stromm

    stromm Network Guru Member

    So I've been playing around with settings.

    If I select ALLOW (just below the PC List button), my port rule sortof works. Only problem is, it works for ALL IPs, not just the ones in the list.

    I want to block my students from getting internet access, but not my laptop.

    In the PC List, I've tried two different things.

    Student PCs get IPs 192.168.0.11-50. So I put that in for the range and set ALLOW. When specifying HTTP or even ports 1-65535, ALL IPs are blocked.

    Next in the PC List I put 192.168.0.1-10. My laptop is 192.168.0.2. Everything else is the same. STILL Nothing will get through to the net.

    If I chose DENY, EVERYTHING is able to access the net.

    Any ideas?
     
  4. Got it to work but.....

    I tried setting up the access restrictions to on our local network and added certian keywords to prevent access to the restricted sites.

    It works (blank browser on bad words) but slows the Internet to a crawl to the point where its almost not usable. Turn off the filter and the Internet is fast again.

    I have also noticed that through all version of firmware to the last one I upgraded to which is the latest beta 2.38.6.

    The other thing I cam across when I point the syslog to one of my server is a whole raft of NAT errors when I put the filtering on.

    Wondering if anyone has ever got the filters to work well?
     
  5. gwelling

    gwelling Network Guru Member

    Time based Access Restrictions do not work

    I have a WRT54G v3 wireless router and have just upgraded the firmware to v4.20.7 in the hope that a time-of-day access control policy would work, but sadly, that was not the case. I have a single Allow internet access policy from 6:00am to 9:00pm. I have tried entering PC MAC addresses in the List of PCs, and have tried leaving the list of PCs blank. The result is always that all PCs can always access the Internet regardless of the time of day.
    I have two wired connected PCs and two wireless laptops. Same results for all machines.
    Does anyone know if there is a magic trick to get time-of-day access control working?

    Thanks in advance,
    Graham.
     

Share This Page