only allow connection to internet through pptp

Hi

This might be a stupid question, but I'm wondering if anyone could give me a hand / lesson with regards to a few firewall rules.

I would like users who have not connected through pptp to the router, when trying to connect to a website, to be redirected to another page and any other data dropped. If they connect via pptp and authenticate, the internet must work as normal.

It's probably simple to do, thank you in advance.

Hi

I don’t think it’s that simple, but it is possible.

For non-pptp clients, I would use a different IP range than for pptp connections (more than likely your network is set up like this already). Then I would add a dst-nat rule to dst-nat all port 80 traffic (from your non-pptp range) to your web-server's IP, and drop all non port 80 and non port 53 (udp and tcp) traffic. (You need port 53 in order for DNS to work).

Please note that your webserver can't be a virtual http server, as your server will not recognize e.g. http://www.google.com as one of its own and only display an error page. If you have one website on your server, any url (e.g. http://www.altavista.com or http://www.google.com) will successfully redirect to your web server.

Hope the info was useful
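
The rule set described in the reply above, written out as an added example that is not part of the original posts. It assumes MikroTik RouterOS syntax; the address ranges and the web server IP are constructed placeholders to be replaced with your own.

```routeros
# Constructed placeholder addressing (assumptions, not from the thread):
#   192.168.10.0/24  LAN range handed to clients before they dial PPTP
#   10.10.10.0/24    pool assigned to authenticated PPTP tunnels
#   192.168.20.5     web server hosting the single "please connect" site

# Redirect all plain HTTP from the non-PPTP range to the web server.
/ip firewall nat
add chain=dstnat src-address=192.168.10.0/24 protocol=tcp dst-port=80 \
    action=dst-nat to-addresses=192.168.20.5 to-ports=80 \
    comment="non-pptp: send HTTP to notice page"

# Forwarded traffic from the non-PPTP range: allow DNS and the
# redirected HTTP, drop everything else. dst-nat has already rewritten
# the destination by the time the forward chain is evaluated, so the
# HTTP accept rule matches on the web server address.
/ip firewall filter
add chain=forward src-address=192.168.10.0/24 protocol=udp dst-port=53 \
    action=accept comment="non-pptp: DNS (udp)"
add chain=forward src-address=192.168.10.0/24 protocol=tcp dst-port=53 \
    action=accept comment="non-pptp: DNS (tcp)"
add chain=forward src-address=192.168.10.0/24 dst-address=192.168.20.5 \
    protocol=tcp dst-port=80 action=accept \
    comment="non-pptp: redirected HTTP"
add chain=forward src-address=192.168.10.0/24 action=drop \
    comment="non-pptp: drop all other traffic"

# Traffic inside a PPTP tunnel is sourced from 10.10.10.0/24, so none of
# the rules above match it and it is forwarded as normal. The PPTP
# control connection itself (tcp/1723 plus GRE to the router) is handled
# by the input chain and is not affected by these forward rules.
```

Adding `dst-address=` for your own resolver to the two DNS rules limits port 53 to that server instead of any destination.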