Allow network access but not internet?

J

Just_Ice

Executive Member
Joined
Mar 8, 2008
Messages
7,589
Reaction score
52
Location
RSA
Hi,

I have a Huawei B593 router. I'm hoping someone here can help me do the following:

- I want my devices to have full access to my network and internet.
- Allow other devices (friends, brother etc) to access my network so we can share files, but not access the internet (LTE isnt cheap :D)

Is there a way to add devices to my network, but then restrict their internet access on this router?
 
dont know that router but can you not setup DHCP on it with reserved addresses for the trusted clients. Then setup firewall rules on the router to all those IP's to connect to the net and deny the rest.

Otherwise you would need to look at setting up a inline proxy with ACL's but would need another wifi router/switch.
 
gregmcc said:
dont know that router but can you not setup DHCP on it with reserved addresses for the trusted clients. Then setup firewall rules on the router to all those IP's to connect to the net and deny the rest.

Otherwise you would need to look at setting up a inline proxy with ACL's but would need another wifi router/switch.
Click to expand...

Also not familiar with that router, but would not expect it to be able to do custom firewalling rules (unless you are able to get a shell on it somehow). Simplest solution is to get something like the TP-Link WR703N, or GL.Inet routers, and install openWRT on them (any OpenWRT compatible router would do, those are just cheap). Then disable the DHCP server, configure the device to bridge wifi and ethernet, and then set up a firewall rule on the router to drop any traffic to destinations not on the local net. You'd probably have to use ebtables for that, fyi.
 
Use the built in firewall feature to only allow your devices IP's (or MAC addresses), and block all others.
 
RoganDawes said:
Also not familiar with that router, but would not expect it to be able to do custom firewalling rules (unless you are able to get a shell on it somehow). Simplest solution is to get something like the TP-Link WR703N, or GL.Inet routers, and install openWRT on them (any OpenWRT compatible router would do, those are just cheap). Then disable the DHCP server, configure the device to bridge wifi and ethernet, and then set up a firewall rule on the router to drop any traffic to destinations not on the local net. You'd probably have to use ebtables for that, fyi.
Click to expand...

OK, so it seems I was mistaken about the capabilities of the router itself. Well, let's just say that you may not need any additional hardware at all ;-)

According to this page, you can get a shell on the router fairly easily. Once you have a shell, you can set up your own firewall rules. I don't know whether the filesystem will be writeable, so that you can save them so that they will still be there after a reboot, though.

If not, you could probably write a script/batch file that will recreate them using HTTP requests to the web interface, after each reboot.
 
Easiest is to remove the default gateway IP from the user's pc
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X