Archived from groups: microsoft.public.windowsxp.security_admin
I've got a Windows XP machine that I need to set up to provide remote access
for a vendor to support an application on our internal network. I plan to
use the newest version of pcAnywhere since it has built-in AES 256-bit
encryption support.

I have two nics in the machine. The primary nic is on the private internal
network and has normal access to everything a typical networked workstation
needs. This internal network has absolutely zero routability to the public
Internet. The second nic in the machine is attached to a special NAT-routed
DMZ segment that is shared with many other users in our organization. I have
pcAnywhere listening only on that second nic, and the Windows network client
is not bound to that second nic; it only has bare, raw tcp/ip selected in its
network properties.

What I need to do is enable some kind of firewall or packet filtering on that
second nic only, such that every inbound connection request, whether tcp or
udp, is completely blocked off, with the exception that pcAnywhere's tcp port
(5631) and udp port (5632) are allowed from only a select few individual ip
addresses. My NAT router/firewall system that separates the wild, untamed
public Internet from this special DMZ segment can accomplish this for
addresses out there on the public Internet, but not for users of other
systems which also reside on this DMZ segment within our organization.

I looked at the built-in tcp/ip filtering of Windows XP, and it says quite
plainly that tcp/ip filtering is applied to *all* interfaces. I only want it
to be applied to one of the two interfaces, plus I also want to be able to
limit traffic to a specific list of tcp and udp ports to only be allowed and
also when it's coming in from a specified list of addresses too, and apply
these restrictions only to traffic coming in a specified nic, leaving the
other nic completely untouched. Is this even doable in Windows XP without
resorting to some outboard hardware firewall device in between the 2nd nic
and the DMZ segment?
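As an added example (not part of the original post or any reply to it), the Windows XP SP2 Windows Firewall can be configured from the command line to express the per-nic policy the poster describes: firewall on for one adapter only, everything inbound dropped except pcAnywhere's two ports, and those only from a short list of source addresses. It assumes the DMZ adapter is named "DMZ" in Network Connections, that the vendor addresses are the placeholders 203.0.113.10 and 203.0.113.11, and that `add portopening` accepts `interface=` the way `set opmode` does; confirm that with `netsh firewall add portopening ?` on the machine before relying on it.

```batch
@echo off
rem Added example, not from the original thread. Requires Windows XP SP2
rem (netsh firewall context). Assumed names: adapter "DMZ"; vendor source
rem addresses 203.0.113.10 and 203.0.113.11 are placeholders (RFC 5737).

rem 1. Enable the firewall on the DMZ adapter only. Exceptions stay ENABLED
rem    so the two port openings below are honoured; with no other openings,
rem    all other unsolicited inbound tcp/udp to this adapter is dropped.
rem    The internal adapter is not named here, so it is left untouched.
netsh firewall set opmode mode=ENABLE exceptions=ENABLE interface="DMZ"

rem 2. pcAnywhere data channel: tcp 5631, only from the listed addresses.
rem    scope=CUSTOM restricts the opening to the comma-separated list;
rem    other hosts on the shared DMZ segment are still blocked.
netsh firewall add portopening protocol=TCP port=5631 name="pcAnywhere data" mode=ENABLE scope=CUSTOM addresses=203.0.113.10,203.0.113.11 interface="DMZ"

rem 3. pcAnywhere status/discovery channel: udp 5632, same source list.
netsh firewall add portopening protocol=UDP port=5632 name="pcAnywhere status" mode=ENABLE scope=CUSTOM addresses=203.0.113.10,203.0.113.11 interface="DMZ"

rem 4. Log dropped packets so the DMZ-side filtering can be verified and
rem    unexpected connection attempts from other DMZ hosts are visible.
netsh firewall set logging droppedpackets=ENABLE

rem 5. Review the resulting per-interface state and the port openings.
netsh firewall show state
netsh firewall show portopening
```

After applying this, test from a DMZ host that is not in the address list and confirm its attempts to 5631/5632 appear as drops in the firewall log (pfirewall.log in the Windows directory) while the listed vendor addresses still connect.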