Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Restricting HTTP access

Status
Not open for further replies.
danno74

danno74

IS-IT--Management
Nov 13, 2002
295
US
We have a client who has a 56k relay line to access billing software we license out to them. We are having problem with their network because some people over there are using the Internet. We want to restrict access to this since they do not have licenses for this, and had heard from our ISP rep that we could do something at the command prompt to shut off http access - is this possible?
 
Sort by date Sort by votes
I'm not sure I understand the scenario entirely. My interpretation is that your client has a dedicated frame-line to your company, and they get out to the Internet by going via your company and you want to restrict that.

I don't know how licenses comes into play, as you don't need licenses to surf the web. Is it you want them to use the frame line to you for the application only? If, however, I described the situation correctly, the place to block their access is with an access-list on one of your routers. Can you do this? What type of routers do you have?

With Win2K, you can deny traffic on certain ports, but that would be on their computers, and I don't think they'd be to happy with you if you did that.

-gbiello
 
Upvote 0 Downvote
Our clients access billing software we license out to them, and with that they also have the option of accessing the internet through our network. The client that is the main subject of this has 4 licenses, and we believe that more than 4 people are accessing the Internet - they are calling and complaining about lag when it's their users that aren't supposed to be online that are eating the bandwidth. We want to limit the http access to only the 4 workstations that have licenses.

Could you tell me how to deny traffic to that port? They all have w2k over there, so that would be great. Thanks!
 
Upvote 0 Downvote
Open up the NIC's Properties sheet. Double-click "Internet Protocol (TCP/IP)". Click "Advanced". Click the "Options" tab. Double-click "TCP/IP filtering". Click "Permit Only" in the TCP column. Enter the ports you wish to allow. There will be many, and you will need to find a website that has a port-listing like
As a much more sensible alternative, I think the filtering should be done at the router. I would need to know the network layout to help, and you would have to program access-lists. If it is a Cisco, there are many helpfull posts in the PIX and Cisco routers forums at this website.

-gbiello
 
Upvote 0 Downvote
i agree, make your restrictions at the router level.. as users can get intelligent and finger your OS-level settings...

u can use extended IP access lists on a cisco router to deny traffic destined to/for a specific application type.. for instance, if any outgoing traffic matches HTTP, SMTP or Telnet, deny or accept... it's that flexible..

good luck..
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DrB0b
  • Locked
  • Question
Multiple WiNG Zebra Access Points with possible issue
Replies
1
Views
532
DrB0b
DrB0b
PCHomepage
  • Locked
  • Question
Accessing FTP As Explorer Location
Replies
5
Views
136
PCHomepage
PCHomepage
UnknownEntity
  • Locked
  • Question
PC Needed to access 2 different networks. What IP configuration is needed?
Replies
2
Views
99
jimbopalmer
jimbopalmer
ProUser
  • Locked
  • Question
No Internet Access over VLAN 1
4 5 6
Replies
114
Views
682
ProUser
ProUser
Randar162
  • Locked
  • Question
Access an IP on another subnet
Replies
1
Views
78
cisconooblet
cisconooblet

Part and Inventory Search

Sponsor

Back
Top