Previous Next Title Page Contents

Chapter 6
Access Control

The Access Control feature allows the administrator to control Internet access by individual workstations (PCs)

Overview

The Access Control feature allows administrators to restrict Internet Access by individual workstations. The process uses "Packet Filtering" to block or discard data packets. You can apply the pre-defined filters, and optionally define your own filters. By default, filtering is disabled; no packets are blocked or discarded.

Selecting the Access Control tab will reveal a screen like the example below.

Figure 14: Access Control Tab

To use the Access Control feature:

  1. Set the desired restrictions on the "Everyone" group, by selecting this group and clicking "Setup". By default, all PCs are in the "Everyone" group unless explicitly moved to another group.
  2. Set the desired restrictions on the other groups ("Group 1", "Group 2", etc) as needed.
  3. For each Workstation you wish to move from the "Everyone" group, enter their data and assign them to the desired group.

You can limit Internet access for ALL PCs without entering ANY workstation data, by applying restrictions to the "Everyone" group.

Security Groups

To Set or Change restrictions for a Security Group:

  1. Select the group from the drop-down list. Note that the Security groups are pre-named "Everyone", "Group 1", "Group 2", "Group 3", and "Group 4". These names cannot be changed.
  2. Click the Setup button to define restrictions for the selected group. An example screen is shown below.

    Figure 15: Access Control

  3. Enter data on this screen as explained below. Click OK when finished.

Data for each Group

No Restriction
No packets are blocked. Use this to create an "Unlimited Access" group, or to temporarily remove restrictions from a group.
Block all access
Groups members cannot access the Internet at all.
Use this to create the most restrictive group.
Use List Below
Enable or disable individual items as required. If set to Block, the item will be blocked, and the group will NOT have access.
This table is ignored unless the Use List Below radio button is selected.

Workstations

This list shows all workstations (PCs) which have been defined. It is only necessary to define workstations in the following situations:

Figure 16: Workstation Screen

Workstation Data

Name
Enter an identifier for this workstation. The name is case insensitive (case is ignored).
Group
Select the security group for this workstation.
If you only wish to reserve an IP Address, and are not using the Access Control features, simply leave this at "Everyone".
Hardware (MAC) Address
Hardware or physical address. On a PC, this is often called the Network Adapter Address. You can use the Windows "Winipcfg" program or your LAN management program to find this address. (By default, there is no Start Menu item for Winipcfg so you must use the "Run" command or create your own shortcut.)
Reserve IP Address
for this workstation
Check this if you wish to reserve an IP address for this workstation. This is useful if you have to provide the IP Address for other programs or users.
If this is left unchecked, the following entry can be ignored.
Reserved IP Address
This relates to the entry above.
Enter the reserved address here. This MUST be within the range used by the DHCP server (set on the LAN screen).



Previous Next Title Page Contents