Access Control


Overview

The Access Control feature allows administrators to restrict Internet Access by individual workstations. The process uses "Packet Filtering" to block or discard data packets. You can apply the pre-defined filters, and optionally define your own filters.

By default, filtering is disabled; no packets are blocked or discarded.

Selecting the Access Control tab will reveal a screen like the example below.

Figure 1: Access Control Tab

To use the Access Control feature:

  1. Set the desired restrictions on the "Everyone" group, by selecting this group and clicking "Setup". By default, all PCs are in the "Everyone" group unless explicitly moved to another group.
  2. Set the desired restrictions on the other groups ("Group 1", "Group 2", etc) as needed.
  3. For each Workstation you wish to move from the "Everyone" group, enter their data and assign them to the desired group.

You can limit Internet access for ALL PCs without entering ANY workstation data. Simply apply the desired restrictions to the "Everyone" group.


Security Groups

To Set or Change restrictions for a Security Group:

  1. Select the group from the drop-down list. Note that the Security groups are pre-named "Everyone", "Group 1", "Group 2", "Group 3", and "Group 4". These names cannot be changed.
  2. Click the Setup button to define restrictions for the selected group. An example screen is shown below.

Figure 2: Group Screen

  1. Enter data on this screen as explained below. Click OK when finished.

Data for each Group

No restrictions No packets are blocked. Use this to create an "Unlimited Access" group, or to temporarily remove restrictions from a group.
Block all Access Groups members cannot access the Internet at all. Use this to create the most restrictive group.
Use List Below Enable or disable individual items as required. If set to Block, the item will be blocked, and the group will NOT have access.

This table is ignored unless the Use List Below radio button is selected.


Workstations

This list shows all workstations (PCs) which have been defined.

It is only necessary to define workstations in the following situations:

Use the Add, Edit, and Delete buttons to modify the list as required. An example Add or Edit screen is shown below.

Figure 3: Workstation

Workstation Data

Name Enter an identifier for this workstation. The name cannot contains spaces or punctuation.
Group Select the security group for this workstation.
If you only wish to reserve an IP Address, and are not using the Access Control features, simply leave this at "Everyone".
Hardware (MAC) Address Hardware or phpsical address. On a PC, this is often called the Network Adapter Address. You can use the Windows "Winipcfg" program or your LAN management program to find this address. (By default, there is no Start Menu item for Winipcfg so you must use hte "Run" command or create your own shortcut.)
Reserve IP Addres in DHCP Table Check this if you wish to reserve an IP address for this workstation. This is useful if you have to provide the IP Address for other programs or users.
If this is left unchecked, the following entry can be ignored.
Reserved IP Address This relates to the entry above.
Enter the reserved address here. This MUST be within the range used by the DHCP server (set on the LAN screen).