[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 385
  • Last Modified:

Block traffic via a router using the MAC address or by IP?

I have a server connected to the internet.
There is a router between the server and the Internet.
I need to let one computer into my internal network.
I'm not really interested in a VPN.

Should I allow that computer in by configuring the router to allow only one IP or should I configure it to allow one MAC adddress in?

I heard you can spoof a MAC address?

Can you also spoof an IP?

What should I do?
0
vanauden
Asked:
vanauden
  • 2
2 Solutions
 
jjoseph_xCommented:
You can't block by the MAC address.  This is an over-simplification, but the internet doesn't work based on layer-2 addressing (the layer-2 address is only between routers).  So, the only MAC address that you'll see on your router is the MAC of its next-hop router (the router in front of it).

Which is just needlessly long-winded way of saying that you'll have to allow access via IP address.  If you have to access multiple computers/ips on your internet network, you'd be better-off using a VPN (it's pretty easy to setup a PPTP VPN using Windows 2000/2003 server).

0
 
Keith AlabasterCommented:
I'd go with putting the control on the IP address making the call to your router. Depending on what you are allowing them access to will really make the decision of whether a VPN should be used or not. If it is just to administrate, then port-forwarding port 3389 (RDP) from the given source IP is a pretty secure way forward. The client would use the Remote Desktop MS client
0
 
Keith AlabasterCommented:
Thanks :)
0
 
vanaudenAuthor Commented:
thank you very much guys.

this narrows my options and gives me a better undertstanding of them.

Thanks!
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now