This Chapter explains how to configure and use the LevelOne WBR-1101TX's "Access Control" feature.
The Access Control feature allows administrators to restrict Internet Access by individual PCs. The process uses "Packet Filtering" to block or discard data packets. By default, no packets are blocked or discarded.
To use this feature:
![]() |
You can limit Internet access for ALL PCs without entering ANY PC data. Simply apply the desired restrictions to the "Everyone" group. |
It is also possible to define your own packet filters, and use these filters in addition to the pre-defined filters. Defining your own filters is optional.
This log is accessed from the Access Control Log on the Status screen. It shows the attempted accesses which have been blocked.
This log can be used to track the operation of the Access Control feature. Data shown in this log is as follows:
The Security Groups screen is reached from the Access Control link on the navigation bar. An example screen is shown below.
Figure 50: Security Groups Screen
Note that the Security groups are pre-named "Everyone", "Group 1", "Group 2", "Group 3", and "Group 4".
Define Access Rights
for a Security Group |
|
Change Access Rights
for a Security Group |
|
Assign PCs to a
Security Group |
All PCs are initially in the "Everyone" group. Use the PCs screen to
move individual PCs to other groups as required.
|
The following data is required.
Access Rights: Internet Access for this Group |
|
No restrictions
|
No packets are blocked. Use this to create an "Unlimited Access" group, or
to temporarily remove restrictions.
|
Block all Access
|
Groups members cannot access the Internet at all. Use this to create the
most restrictive group.
|
Use Packet Filter Table below
|
Use this to define intermediate levels of access. Using the Packet Filter
table gives you fine control over Internet access.
Simply select the items you wish to block. You can choose from the
pre-defined filters in the Applications to Block column, or your own
filters in the TCP Packets to Discard and UPD Packets to Discard
column.
|
Packet Filter Table |
|
Any items checked will be blocked. Users will not be able to use the
application.
|
|
TCP Packets
to Discard |
This lists any TCP filters you have defined on the Filters screen.
If no filters have been defined, this is empty.
Multiple items can be selected (or deselected) by holding down the Ctrl key while selecting items. Selected items can NOT be accessed by members of this group. |
UDP Packets
to Discard |
This lists any UDP filters you have defined on the Filters screen.
If no filters have been defined, this is empty.
Multiple items can be selected (or deselected) by holding down the Ctrl key while selecting items. Selected items can NOT be accessed by members of this group. |
![]() |
If you have not defined your own filters, but wish to do so, refer to "Filters" later in this chapter. |
The PCs screen is reached from the Access Control link on the navigation bar. An example screen is shown below.
Note that the drop-down box lists all PCs previously entered. If none have been entered, this box will be empty.
Create a new entry
|
Note: The name shown in the drop-down list is ignored.
|
Delete an entry
|
|
Modify (Edit)
an entry |
|
Select PC |
|
PC Name
|
This drop-down list shows all entries in the "PC" database. If you have not
made any entries, this list will be empty.
|
Get Data button
|
Click this button to view the data for the PC selected in the drop-down
list. You can then edit the data.
|
Details |
|
PC Name
|
Enter a name to identify this PC.
|
Network Adapter Address
|
Hardware address for this PC. You can use the Windows "Winipcfg" program or
your LAN management program to find this address.
|
Reserve entry in DHCP Table
|
Check this if you wish to reserve an IP address for this PC. This is useful
if you have to provide the IP Address for other programs or users.
If this is left unchecked, the following entry can be ignored.
|
Reserved
IP Address |
This relates to the entry above. Enter the reserved address here. This MUST
be within the range used by the DHCP server (set on the Device - Internal LAN
Port screen).
|
Security Group
|
Select the security group for this PC. If you only wish to reserve an IP
Address, and are not using the security (access control) features, simply leave
this at "Everyone".
|
Buttons |
|
Clear Form
|
Clears all data, ready for input of a new entry.
|
Add
|
Add a new entry, using the data shown on screen.
The name shown in the drop-down list is ignored.
|
Delete
|
Delete the Virtual Server entry selected in the drop-down list, regardless
of whether its details are shown on screen.
|
Update
|
Update the Virtual Server entry selected in the drop-down list, using the
data shown on screen.
|
List All
|
List all User-defined Virtual Servers.
|
Cancel
|
Reverse any changes made since the last "submit" operation (i.e. since
clicking any other button).
|
The Filters screen is reached from the Access Control link on the navigation bar. An example screen is shown below.
This screen allows you to define packet filters. When you define security groups, on the "Security Groups" screen, you can select from any filters defined here, as well as the pre-defined filters.
Define the packets you wish to be filtered out, by entering the following data.
TCP Filters |
|
Name
|
Enter a descriptive name for this entry.
|
Port No.
|
Enter an integer representing the Port Number for this type of packet. This
information can normally be provided by the service provider. Otherwise, a
Network Analyzer or Packet Sniffer can be used to determine the correct port
number.
|
UDP Filters |
|
Name
|
Enter a descriptive name for this entry.
|
Port No.
|
Enter an integer representing the Port Number for this type of packet. This
information can normally be provided by the service provider. Otherwise, a
Network Analyzer or Packet Sniffer can be used to determine the correct port
number.
|