?
Solved

ADSL Router Restricted IPs

Posted on 2005-03-26
10
Medium Priority
?
417 Views
Last Modified: 2008-02-01

Hi ..
I'm the network administrator for an ADSL Service Provider.we use Speedtouch 530 ADSL Routers in our networks. the problem is :
the router accepts any user with any ip to access internet. some users on our network put switches in their houses and allow other users to connect through our network illegaly.
I'd like to restrict the access on the router to specified IPs only to prevent the users from connecting others without permission.
the ip of the router is real ip : 81.10.48.142
the ips of the users on the LAN are like : 10.0.0.X
can any one tell me how to configure the router to accept only a list of ips (about 5 ips or 6 ) and block all other unauthorized IPs ?
note : sometimes we use PLANET ADE-3110 Routers instead of speedtouch
Thank You.

0
Comment
Question by:HaithamEgy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
10 Comments
 
LVL 40

Accepted Solution

by:
Fatal_Exception earned 252 total points
ID: 13637499
That won't work.  Any user that buys a router will be able to NAT right past your ADSL router into the your provider's network (internet).  As you know, some providers tried using MAC addresses to limit the ability of there customers to connect networks, but it just does not work since even these can be spoofed.

The deal is, as long as you cannot control what is lying behind your routers, you cannot limit the usage of your connections.  As long as I have a connection to the internet through you, you cannot stop me from sharing it if I have the right equipment (and knowledge).

Now, regarding retricting IP addresses, if you want to bump up the devices to something like Cisco Routers, you can certainly program them with Access Lists that will prevent any IP Address (range) from getting through it.  But again, as long as I can spoof my IP, you still won't stop me from getting through.  And think how much it would cost to do this.  You would have to double your subscription rates just to afford the deployment.  Just not worth it in the long run, financially or the admin headaches that could certainly come from it.

Sorry!

FE
0
 
LVL 27

Assisted Solution

by:pseudocyber
pseudocyber earned 248 total points
ID: 13645510
I agree with FE.  Also, I understand ya'll want the extra revenue from those "illegally attached" users - but it's not really "illegal".  I'm sure it's against your acceptable use policy, and there's probably things you could do, like cut off the person subscribing, but are there actual LAWs against it, no.

So, do you care if one user downloads massive files night and day - effectively using up as much bandwidth as you give them?  No, you usually don't.  So, what difference does it make if its one user or 10 users?  They're still paying for X amount dollars for Y amount of the maximum bandwidth you give them.

Perhaps a better model would be to charge by how much data (bytes, MB, GB) is downloaded from the Internet to the user.  Then, the users will be disinclined to allow their friends and/or neighbors to use their connection because it is going to cost THEM more - if they don't mind, then you make more revenue.  Right now, they have no disincentive to share.  What you need to do is to approach the problem from a business perspective instead of a technological one.
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 13905404
Yep...  I think we answered this one, unless he found a better way..  :)
0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 
LVL 27

Expert Comment

by:pseudocyber
ID: 13958410
:)
0
 

Author Comment

by:HaithamEgy
ID: 13964338
Sorry .... but I found a better way myself ... Thank You All
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 13964459
Interesting..  would you like to elaborate?
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 13991987
Thanks!
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

    Over the past few years, small business and home owners have become so dependent on internet that a need for redundancy has arisen.    What happens when your small business or home / home office loses its internet connection?  The results c…
Why do some people recommend buying business VoIP from an ISP? What are the benefits to my company? What are the costs?
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question