Small Office Firewall Config..

[john_india]

hi guys, i have 4-5 pc's connected through Asus RT-N66U but i wanna block internet on all pc through Routers firewall and allow only the antivirus update how do i set it up? there's something called Network service filter here but dont know how to config it..pls hlp!! TY

 

[jungle71]

you can block the ports, and just leave the antivirus one(impractical, too many ports)

other option is this that i found (http://screenshots.portforward.com/routers/Asus/RT-N66U/Network_Services_Filter.htm)

ASUS Wireless Router RT-N66U - Network Services Filter Firewall - Network Services Filter The Network Services filter blocks the LAN to WAN packet exchanges and restricts devices from using specific network services. For example, if you do not want the device to use the Internet service, key in 80 in the destination port. The traffic that uses port 80 will be blocked. Leave the source IP field blank to apply this rule to all LAN devices. Black List Duration : During the scheduled duration, clients in the Black List cannot use the specified network services. After the specified duration, all the clients in LAN can access the specified network services. White List Duration : During the scheduled duration, clients in the White List can ONLY use the specified network services. After the specified duration, clients in the White List and other network clients will not be able to access the Internet or any Internet service.

NOTE : If you set the subnet for the White List, IP addresses outside the subnet will not be able to access the Internet or any Internet service. Network Services Filter Enable Network Services Filter Yes No Filter table type White List Black List Well-Known Applications User Defined Date to Enable LAN to WAN Filter Mon Tue Wed Thu Fri Time of Day to Enable LAN to WAN Filter : - : Date to Enable LAN to WAN Filter Sat Sun Time of Day to Enable LAN to WAN Filter : - : Filtered ICMP packet types Network Services Filter Table Source IP Port Range Destination IP Port Range Protocol Add / Delete TCP TCP ALL TCP SYN TCP ACK TCP FIN TCP RST TCP URG TCP PSH UDP

 

[john_india]

i tried inputting ip's of pc i wanna block and set the protocol to tcp all and port range to 80 but still internet is accessible on the device!! any ideas?

 

[jungle71]

did you blacklist it?

 

[jungle71]

it should work if you input and blacklist them

 

[john_india]

yes i did black list but still no go..i have put ip of the pc on source ip and destination ip..is that correct??

 

[dbhosttexas]

Wish I had one of those routers to play with to figure this out. I would think you would want to set up one rule with the hosts you want to exclude as source, and one rule as destination so you are blocking both ways. However one thing to keep in mind... Have you checked to make sure your anti virus doesn't use http or https for its definition updates?

 

[jungle71]

i have limited knowledge with this software, try calling their customer service for help. or wait till anyone can help you, sorry.