On Jan 20, 2008 12:35 PM, Peter Dow (ML) <maillist@xxxxxxxxxxxxxxx> wrote:

My initial idea was #2, but would've required stringing another cable
from the router to the 1GB switch, which I was trying to avoid.

I am confused .. the router connects only to the "outside" NIC on the
proxy server, and the switch connects to the "inside" NIC of the proxy
server.

If I can figure out how to do #1, that sounds like the best solution.
Looks like I can "Block Services" for all IP addresses except one; I'll
give that a try. I'd still like to understand why the AP doesn't work,
but at this point I want to get it working.

I am pretty sure that it doesn't work because neither the Netgear nor
the switch will properly route the traffic between the various
subnets.

Regarding your soapbox comments, I'll look into it. From my limited
understanding, firewalls protect against incoming attacks; and in this
situation the intent is to be able to log who visits what websites, and
to block certain websites, which is what the proxy server is doing.

Firewalls are for controlling traffic, in both directions, not just
for preventing intrusions.

Although recently the Netgear router has been logging DOS attacks in the
form of ACK scans from Akamai Technologies, ... <<snip>>

Once the proxy server is working and is the only outbound device
allowed, you will be able to definitively deal with this.

Good luck.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.