Using nxfilter as a gateway
228 views
Skip to first unread message
Vikram Agarwal
Apr 3, 2015, 1:04:54 AM4/3/15
to nxfil...@googlegroups.com
Hi,
Please suggest any possibility of using nxfilter as a dedicated gateway with 2 x ethenet cards, one is used as WAN and other as dedicated LAN.
Jinhee
Apr 3, 2015, 1:08:27 AM4/3/15
to nxfil...@googlegroups.com
Why do you need to do that with a DNS filter?
Vikram Agarwal
Apr 3, 2015, 4:24:57 AM4/3/15
to nxfil...@googlegroups.com
Basic idea is to use nxfilter as a single webfilter unit, with internet on one card and local ip/dhcp on other. isolating user from getting the connection from router directly, instead of blocking dns server.
Jinhee
Apr 3, 2015, 5:38:00 AM4/3/15
to nxfil...@googlegroups.com
Yeah, you want to make them going through NxFilter. Just block outgoing 53 UDP on router. Then NxFilter will be the only
DNS server they can use. That's the way we force users to get filtered. A lot easier than using 2 NICs.
DNS server they can use. That's the way we force users to get filtered. A lot easier than using 2 NICs.
Vikram Agarwal
Apr 3, 2015, 11:41:28 AM4/3/15
to nxfil...@googlegroups.com
I understand, just probing the possibility. Suggest if it is possible.
Vikram Agarwal
Apr 3, 2015, 1:47:21 PM4/3/15
to nxfil...@googlegroups.com
Please help me using nxfilter in case of terminal server, how to provide different policy for various group of users.
Also as traffic is originating from single IP. Can we force each user to login into nxfilter at the time of login on the terminal server.
Jinhee
Apr 3, 2015, 7:46:24 PM4/3/15
to nxfil...@googlegroups.com
I guess you're thinking of something like inline deployment but that's not on NxFilter's domain. It's on OS. So you'd
better try to solve it on OS level.
About terminal server the simplest solution would be using one username for terminal server but if you want to go
for some other solution read this,
https://groups.google.com/forum/?fromgroups=&hl=en#!searchin/nxfilter200/terminal$20server$20virtiual/nxfilter200/MeqBh5bqaMU/SWP8H87-weMJ
Someone said that he solved the problem with IP virtualization. However I didn't try it myself.
better try to solve it on OS level.
About terminal server the simplest solution would be using one username for terminal server but if you want to go
for some other solution read this,
https://groups.google.com/forum/?fromgroups=&hl=en#!searchin/nxfilter200/terminal$20server$20virtiual/nxfilter200/MeqBh5bqaMU/SWP8H87-weMJ
Someone said that he solved the problem with IP virtualization. However I didn't try it myself.
Mark McDonald
Apr 4, 2015, 10:11:43 PM4/4/15
to nxfil...@googlegroups.com
It is possible to setup a Linux or Windows Box as a Gateway then add the NXFilter software to that gateway. NXFilter is a addon and not a complete OS.
Hope this helps
Vikram Agarwal
Apr 5, 2015, 2:57:56 AM4/5/15
to nxfil...@googlegroups.com
What I am looking for is :
a. One ethernet card bound with modem directly and ICS installed and working. (already done)
b. Second ethernet for LAN with local IP and ICS card (item a) as gateway and DNS
c. Bound nxfilter on second ethernet (lan side) and passing internet traffic to ICS card.
basic aim is to prevent users from directly connecting to the modem for DNS. (though it can be done by blocking port 53 on modem/router, but like to do it this way)
Please suggest the possibility.
Mark McDonald
Apr 6, 2015, 12:24:01 AM4/6/15
to nxfil...@googlegroups.com
What are you using for OS?
Vikram Agarwal
Apr 6, 2015, 1:02:51 AM4/6/15
to nxfil...@googlegroups.com
Windows 7 64 bit.
Reply all
Reply to author
Forward
0 new messages