Hello people; I have a problem I can not solve it, the pc that do not add to the server (I use hots and host groups), has full unrestricted output; as I do to deny internet to PCs that are not assigned to the server ?. From already thank you very much
in Spanish
hola gente; tengo un problema no puedo resolverlo, las pc que no las agrego al servidor (yo uso hots y grupos de host), tiene salida total sin restricciones; como hago para denegar internet a las pc que no esten asignadas en el servidor?. desde ya muchas gracias
thanks. The network has a dhcp service that gives the other server, and use it as firewall nethserver, proxy…etc, the pc’s ip from objects added by the firewall, when I add automatically has full internet without aim the proxy port. How can you do to deny all access to the internet pc that will not assign port 3128 yet?
[Sorry for my English]
There is a DHCP server giving address to NethServer.
NethServer is acting as Firewall, Proxy, etc.
Most workstations are added as Firewall objects under the host tab, and grouped as host groups;
but some workstations aren’t
How to deny Internet access to the latter?
What I don’t fully understand is about the proxy, maybe:
workstations that are not added to the firewall have full Internet access. How to deny Internet access to those workstations that have not been yet redirected to the proxy port?
@Jorge_Karim_Ledesma, if you don’t mind, try to explain a bit more about your setup, and correct me where I am wrong.
Does NethServer sits between the DHCP server (maybe a router) and the workstations?, like shown in the Gateway Mode as seen on the Network Planning wiki page.
You want to deny access to the internet to a host or host group created in nethserver?
If you have a DHCP server outside services nethserver and have a range of reserved IP for your local or enterprise network, all IP that are not reserved the can create a subnet range CIDR and say in security policies refuse exit to the internet.
I think it’s what you need.
Como estas amigo?
Quieres denegar el acceso al internet a un host o grupo de host creados en nethserver?
Si tienes un servidor dhcp fuera de los servicios de nethserver y tienes un rango de ip reservada para tu red local o empresarial, todas las ip que no estan reservadas las puedes crear en un rango de subred CIDR y le dices en las politicas de seguridad denegar la salida a la internet.