Disabling internet access but not network access?

T

todlerix

2[H]4U
Joined
Apr 25, 2003
Messages
2,244
I have a small network, 9 computers and 2 network printers. They all need to have access to the local network, printer/file server. However i'd like to disable internet access on all but 3 computers. I'd like to do this without additional software. Any suggestions?


Network is very basic, WRT54G if i had to guess
Verizon DSL
 
You can either do this at your router, or set the computers to use a false dns server address in network connections, this will stop you from browsing internet pages, for the people that are not so tech savvy.
 
set dns to 10.1.1.1 for the ones you want off the web. All network services will remain "active", but you won't be able to browse the web unless you have a dns server at 10.1.1.1 on your local LAN, or unless someone remembers the IP address of yahoo.com etc, haha.
 
Configuring blocking on the firewall/router is the best solution, but there are alternatives.

if you are static ip'd, you can remove the gateway from the network settings on each 'blocked' machine.
you might be able to mess with the 'route' command, but i dont have admin access to a suitable machine to find the right options for it right now.
 
Static IP assignments..leave the gateway blank.
If you have a DC..you won't want to fiddle with DNS..you need to leave that as your servers IP.
Realize though...that antivirus won't get updates..unless you have a network managed package. And PCs will fail to get Microsoft updates..unless you run WSUS on the network.
 
YeOldeStonecat said:
Static IP assignments..leave the gateway blank.
If you have a DC..you won't want to fiddle with DNS..you need to leave that as your servers IP.
Realize though...that antivirus won't get updates..unless you have a network managed package. And PCs will fail to get Microsoft updates..unless you run WSUS on the network.
Click to expand...

QFT everything he said.

Gateway trick is the best, but bear in mind above!
 
YeOldeStonecat said:
Static IP assignments..leave the gateway blank.
If you have a DC..you won't want to fiddle with DNS..you need to leave that as your servers IP.
Realize though...that antivirus won't get updates..unless you have a network managed package. And PCs will fail to get Microsoft updates..unless you run WSUS on the network.
Click to expand...

What he said. In a network enviroment you don't want to mess with the dns. Kill the gateway or under ie put in a fake proxy.
 
Christ, leave dns settings alone. Swatbat is right here. A bogus proxy setting for IE is the best course of action. Assign this with group policy and disable modifying the setting and you'll be good to go. Windows Updates and apps other than IE won't be affected.
 
You must log in or register to reply here.
Back
Top