Disable Internet access but allow Local Connection

W

weelzSA

Expert Member
Joined
Jul 23, 2009
Messages
3,259
Reaction score
51
Location
Cape Town
Hi all.

I have my server connected via WiFi to my home network which works perfectly. I want to disable internet connection but still be able to connect locally (hope that makes sense?), is this possible? I have tried changing the DNS to 10.10.10.10 which seemed to have disconnected me from the internet but kept me on my local network but when I viewed my data usage, I saw the PC was still downloading data - not sure how as I tried to browse the internet but got errors saying I was not connected...

Am I doing something wrong here? Why would it say I was disconnected from the internet but still be downloading data according to my data manager?

Please could someone help me out here.
 
Unless there is some device (e.g. the gateway) preventing your server from accessing the internet via firewall rules or similar, the server will still be able to make direct connections via IP address.

All you have done by changing the DNS settings is prevented the server from resolving names to IP addresses - if the server can't figure out where to connect to, it can't connect. BUT, if it already knows the IP address it wants to connect to, there is nothing stopping it from doing so.

Keep in mind that you will be stopping the server from getting access to OS updates as well, which may be counterproductive.

What router do you have? There may be options to allow you to set this up correctly.
 
weelzSA said:
Hi all.

I have my server connected via WiFi to my home network which works perfectly. I want to disable internet connection but still be able to connect locally (hope that makes sense?), is this possible? I have tried changing the DNS to 10.10.10.10 which seemed to have disconnected me from the internet but kept me on my local network but when I viewed my data usage, I saw the PC was still downloading data - not sure how as I tried to browse the internet but got errors saying I was not connected...

Am I doing something wrong here? Why would it say I was disconnected from the internet but still be downloading data according to my data manager?

Please could someone help me out here.
Click to expand...

Where are you changing the DNS ?
 
RoganDawes said:
Unless there is some device (e.g. the gateway) preventing your server from accessing the internet via firewall rules or similar, the server will still be able to make direct connections via IP address.

All you have done by changing the DNS settings is prevented the server from resolving names to IP addresses - if the server can't figure out where to connect to, it can't connect. BUT, if it already knows the IP address it wants to connect to, there is nothing stopping it from doing so.

Keep in mind that you will be stopping the server from getting access to OS updates as well, which may be counterproductive.

What router do you have? There may be options to allow you to set this up correctly.
Click to expand...

Thanks for the reply. The OS updates aren't too important at this time. I am using the server as my Media Server so not too worried about updates.

The only reason I want to disable internet access is because it used almost 9gigs in one day while getting the info for all my media ect and I only have 10gigs a month so you can see my problem. All I want to do is block internet access but still be able to connect locally as I need to stream content from the server to other devices in my house - what is the easiest way for me to do this?

I have a TP-LINK TL-MR3420 Router that I use with my 3G dongle connected to get internet access.
 
weelzSA said:
Thanks for the reply. The OS updates aren't too important at this time. I am using the server as my Media Server so not too worried about updates.

The only reason I want to disable internet access is because it used almost 9gigs in one day while getting the info for all my media ect and I only have 10gigs a month so you can see my problem. All I want to do is block internet access but still be able to connect locally as I need to stream content from the server to other devices in my house - what is the easiest way for me to do this?

I have a TP-LINK TL-MR3420 Router that I use with my 3G dongle connected to get internet access.
Click to expand...

Pull out the dongle
 
Nerfherder said:
Where are you changing the DNS ?
Click to expand...

I go into "Network and Sharing Center" -> Change Adapter Settings -> Right Click, Properties on my WiFi connection -> Select Internet Protocol Version 4 and then change it there (on the actual PC I am trying to block internet access to but be able to connect to my local network) - is there somewhere else this should be done?
 
OGroteKoning said:
Sorry, I thought you wanted to stop internet access completely.
Click to expand...

If only it was so easy :D cause this is driving me insane. The only other way I can think of (and a way I don't want to really do) is to connect a different router to my server and then when I want to stream content from the sever to my PC or iPad ect, disconnect from the current connection and connect to the server but that will be a pain to do every time and also won't be able to connect to the internet from my main PC. Surely there must be an easier way?
 
weelzSA said:
If only it was so easy :D cause this is driving me insane. The only other way I can think of (and a way I don't want to really do) is to connect a different router to my server and then when I want to stream content from the sever to my PC or iPad ect, disconnect from the current connection and connect to the server but that will be a pain to do every time and also won't be able to connect to the internet from my main PC. Surely there must be an easier way?
Click to expand...

Look, I don't know that much about networking, but can you not assign static IP's to the devices you don't want to access the webz and prevent them from connecting?
 
Changing the DNS won't help if the connection is made with an IP address. A DNS resolves a human-readable name to an IP address that the PC's can talk to with each other. Changing the DNS made the PC so that it can't resolve google.com to it's IP address, but if the software that's downloading on it is connecting to IP addresses, you'd see it download.

Try changing the gateway settings. Gateway (and I speak under correction because I couldn't care what it does, but this is my view point) is to tell the PC that you connect to the internet through THIS IP address (which is the router's) but doesn't necessarily require it to make local connections (provided the PC's IP address is the same subnet as the rest of your network)
 
weelzSA said:
If I do this, will I still be able to connect to my local network?
Click to expand...

Yes. You don't need a router to talk to devices on the same subnet/lan. You should be fine just using the hub/switch portion.

The router will block the server IP from traversing the WAN but it will still be able to talk to all other devices on the LAN seeing they are in the same network. The router/gateway only comes into play when you need to talk to devices outside of your LAN.
 
Last edited:
If you have a separate switch just remove your default gateway (it should be your router IP) take it out or change it and you won't have internet access.
 
Hi,

If you enable Internet Access Control on the router, select the option that says "allow the packets not specified by an access control policy to pass through the router"
First create a new rule that allows access from your server to the address range on your local lan, then create a rule that denies traffic from your server to any destination.
The rules should be evaluated in sequence, so local access will be fine and internet access will be blocked.

Cheers,
Q-Tech
 
Q-Tech said:
Hi,

If you enable Internet Access Control on the router, select the option that says "allow the packets not specified by an access control policy to pass through the router"
First create a new rule that allows access from your server to the address range on your local lan, then create a rule that denies traffic from your server to any destination.
The rules should be evaluated in sequence, so local access will be fine and internet access will be blocked.

Cheers,
Q-Tech
Click to expand...

Would those options be under my router settings? I just want to make sure I am looking in the correct place. Will have a look when I get home, hoping it will be that simple. Would I set everything up on the router?

I tried creating a rule that denied internet access 24/7 for the server IP address but for some reason it did not work. All I want to do is be able to connect to my local network so that I can still stream content from the server but not have it access the internet.
 
Yeah, hard code your IP settings in (on the device you dont want to have Internet access), just dont put in DNS or gateway. Or if you have to, make the gateway 127.0.0.1 or something.
 
weelzSA said:
I tried creating a rule that denied internet access 24/7 for the server IP address but for some reason it did not work. All I want to do is be able to connect to my local network so that I can still stream content from the server but not have it access the internet.
Click to expand...

Make and model of router?
 
weelzSA said:
Would those options be under my router settings? I just want to make sure I am looking in the correct place. Will have a look when I get home, hoping it will be that simple. Would I set everything up on the router?

I tried creating a rule that denied internet access 24/7 for the server IP address but for some reason it did not work. All I want to do is be able to connect to my local network so that I can still stream content from the server but not have it access the internet.
Click to expand...

Correct - those settings are all on your router - look for an item on the menu that mentions 'Internet Access Control' - I haven't worked on your specific router, but If you get stuck, post a screen shot or two and I'll try to help.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X