75
Chapter 10
Access Control
This Chapter explains how to configure and use the Wireless Gateway's "Ac-
cess Control" feature.
Overview
The Access Control feature allows administrators to restrict Internet Access by individual PCs.
The process uses "Packet Filtering" to block or discard data packets. By default, no packets are
blocked or discarded.
To use this feature:
•
Set the desired restrictions on the "Everyone" group. All PCs are in the "Everyone" group
unless explicitly moved to another group, using the PC screen.
•
Set the desired restrictions on the other groups ("Group 1", "Group 2", etc) as needed.
•
For each PC you wish to move from the "Everyone" group, enter their details on the PCs
screen, and assign them to the desired group.
You can limit Internet access for ALL PCs without
entering ANY PC data. Simply apply the desired
restrictions to the "Everyone" group.
It is also possible to define your own packet filters, and use these filters in addition to the pre-
defined filters. Defining your own filters is optional.
Access Control Log
This log is accessed from the Access Control Log on the
Status
screen. It shows the attempted
accesses which have been blocked.
This log can be used to track the operation of the Access Control feature. Data shown in this
log is as follows:
•
Port
- The port used to gain access to this device. Possible values are LAN, WAN, WLAN
(Wireless LAN), and RS232 (serial port).
•
Source IP Address
- The IP Address of the PC or device whose access request was
blocked.
•
Physical Address (Hardware Address)
- The hardware address of the PC or device
whose access request was blocked.
•
Name
- If known, the name of the device whose access was blocked. This name is taken
from the Access Control database. For Wireless devices, the name is obtained from the
Wireless Stations list, and so will always match the Physical (Hardware) address.
•
Destination
- The destination of the attempted access. Possible values are "Internet",
"LAN" or "WLAN".
•
"Internet" indicates an outgoing connection attempt which was blocked by the Access
Control feature.
•
"LAN" or "WLAN" represents an inward connection attempt which was blocked by
the Firewall. These inward connection attempts are not affected by the Access Control
settings.
10