Non Internet Range , Howto !!?

Hi Friends.
i Have a " Web Server " with IP Valid .
My User’s Connect via Wireless via eth4 of MyRouterBoard .
want add a New Range IP for My User’s Can Connect to My WebServer with 10mbps but Can’t Connect to Internet .
See My Map:

             { INTERNET }
                  ||
                  ||
                  ||
              [My RB1000]
          eth2//         \\eth4
             //           \\
            //             \\                 /          \ [Wireless Users]
  [My WebServer]       [RB600 (wirelss)]  -: {            }[Wireless Users]
                                              \          / [Wireless Users]

Now my Internet User’s Connect on 172.7.7.1/24 with Hotspot and Give Speed from 1mbps to 3mbps.
i Have a PPPoE Service on [eth4] of My [RB1000] can i Set IP range of My Users from Radius Server for it , Exam: when Users Connect with a Some Users give a New Range IP . Like 172.10.10.10-172.10.10.200 .
my Problem is , How Can i Set a New RangeIP within 172.10.10.1/24 for users Just Connect to [WebServer].
[WebServer] is a Service Like Game Server and i Want Create a GameCard ! and Anyone Can’t Connect to Internet via GameCards .

Thanks

Hi,

It is very simple, just assign the IP range for that service and than make sure that you do not NAT that IP prefix, also you can put some filter rules where you will allow only the given service to run on that IP prefix.

Regards.

Faton

Thanks , Can You Show That Filter for Only Access to My WebServer for That Range ?

/ip fi ad ad ad=range1 list=myrange
/ip fi ad ad ad=range2 list=myrange
/ip fi ad ad ad=range3 list=myrange
/ip fi fi ad chain=forward src-address-list=myrange dst-address=<webserver's_address> action=accept
/ip fi fi ad chain=forward dst-address=<webserver's_address> action=reject

or just

/ip fi ad ad ad=range1 list=myrange
/ip fi ad ad ad=range2 list=myrange
/ip fi ad ad ad=range3 list=myrange
/ip fi fi ad chain=forward src-address-list=!myrange dst-address=<webserver's_address> action=reject