asked on

Block access to internet.

I have 2 sites and each site use Linksys BEFVP41 (VPN router) to connect to internet so that these 2 sites can have VPN tunnel and each site can access to another site using internal IP. I would like to block 1 site ( i.e. site A ) computers to access to internet website ( all services of internet such as FTP, webpage, ICQ, etc). meanwhile, I would like site A computers to connect to the email server in another site B, would somebody please give me suggestions on how to implement the situation? Thanks.

grblades

Hi mikekwok,
You would need to use the 'filters' capability of the Linksys to permit site A to talk to site B but deny everything else.

mikekwok

ASKER

My Linksys Router Filter Page only can let me set the port range and the private range. Do you know if i have set the filter IP range from 192.168.1.1 to 192.168.1.10 . the computers with IP from 192.168.1.1 to 192.168.1.10 cannot access to internet website, rite? How about if they can access 192.168.2.x ? 192.168.2.x is the ip of another site. Thanks.

grblades

If the router cannot filter by destination address then you only really have two alternatives:-

1) Replace the router with another which does have this functionality.

2) Add a router between the internal network and the Linksys at site A and configure it to only allow traffic to site B.
This could be a cheap second hand router or could be a computer running a software firewall such as Linux.

mikekwok

ASKER

I think cannot replace router since these 2 routers has built-in VPN function and these router cannot behind another firewall or router. Would you please suggest me how to solve my problem? Thanks.

ASKER CERTIFIED SOLUTION

grblades

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

mikekwok

ASKER

I have found a router which is suitable for me . It is PCi BRL-04FPU.