Cable Forum

Cable Forum (https://www.cableforum.uk/board/index.php)
-   Networking (https://www.cableforum.uk/board/forumdisplay.php?f=87)
-   -   Client Isolation (https://www.cableforum.uk/board/showthread.php?t=33658466)

Bennylaball 25-11-2009 19:27
Client Isolation
 
Hi all, i have had a request from one of my customers to stop his clients from being able to see each other on the network and only allowing internet traffic, I suggested a layer 2 switch and forward all the network ports to the gigabit port on the switch and feed that to the router, but i found out he has a large wireless network and cabled network. I am thinking about setting him up a PPPOE server and attaching it to the Active Directory, does anyone else have any ideas as that will be alot of messing about setting up PPPOE on all there machines!

Kymmy 25-11-2009 20:05
Re: Client Isolation
 
Just block all local IP's on locked down firewalls apart from the gateway/router, with it being active directory I presume you can set a global security policy blocking firewall modifications

Jon T 25-11-2009 20:21
Re: Client Isolation
 
Quote:
Originally Posted by Kymmy (Post 34915617)
Just block all local IP's on locked down firewalls apart from the gateway/router, with it being active directory I presume you can set a global security policy blocking firewall modifications
Windows firewall and group policy

BTW, my post has totally changed, got hold of the wrong end of the stick first reply.

BTW2, Every switch is at least Layer 2(MAC level), did you mean Layer 3?

Bennylaball 25-11-2009 20:30
Re: Client Isolation
 
Yes i did mean layer 3 my mistake, the client doesnt use active directory for routing, i use a cisco PIX, i was hoping i could put a linux box in line with the router as im not a windows guy.

Jon T 25-11-2009 20:34
Re: Client Isolation
 
Quote:
Originally Posted by Bennylaball (Post 34915635)
Yes i did mean layer 3 my mistake, the client doesnt use active directory for routing, i use a cisco PIX, i was hoping i could put a linux box in line with the router as im not a windows guy.
You wouldn't use active directory for routing, you'd set the default domain policy to enable the firewalls on the client PC's. You'd then put out a policy via AD that set each firewall to block communication to anything that isn't a server or internet connection.

Bennylaball 25-11-2009 22:16
Re: Client Isolation
 
Ooooo I see i will have to read a bit into active directory like i said im not a windows guy, if i get asked this again for a network with no active directory how would i go about doing this?

[MOD: removed repeated sections]



Argh, every time i refresh it re-posts my last post

Kymmy 26-11-2009 18:18
Re: Client Isolation
 
Quote:
Originally Posted by Bennylaball (Post 34915651)
Argh, every time i refresh it re-posts my last post
If you refresh directly after a post then it'll resubmit the post data, best to click on the thread link instead of refresh

Extra data and also the reply quoting the data - deleted

bomber_g 27-11-2009 13:02
Re: Client Isolation
 
:( you delete my post - I though it was quite funny, granted not related to the thread in any way, but still funny


All times are GMT +1. The time now is 22:29.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.
All Posts and Content are © Cable Forum