So, my boss asked me to give internet access to one person that is not part of our company, I would like to isolate his computer from the rest of the LAN so he would not be able to access information from other computers. How it's possible to do this and which is the best method ?
Thank you in advance.
Easiest solution would be to buy another cheap router for this user, put it in place with a firewall rule dropping any traffic with a destination that matches your current internal network.
I've frankly never understood the "DMZ" feature on home routers except that it seems pretty much worthless since it doesn't seem to normally subnet off or filter that exposed host from the internal (protected) segment... pretty much defeating the whole purpose of a real DMZ to begin with.
I added the IP to the DMZ but nothing changed, the computer still has access to the LAN, I actually don't understand what DMZ does, worthless. So what I did, just made a firewall rule on the clients machine denying access to 192.168.0.2-192.168.0.254 range, allowing only 192.168.0.1 (router).
btw is there a newer firmware version for my router ?
I cannot set a specific IP for that computer because it is a Wireless connection.
About the firmware it is in german(DE) language ?
V 2.27DE, 01 01,2010/01/15, John Huang
1.Ubicom SDK 7.4.2 build 0056, 2009, Sep 15, UBICOM_7_4_2_B0056
3.HNAP security bug, could send set command in with "GetDeviceSettings" SoapAction.
Added a firewall rule on the clients machine that denies access to the 192.168.0.2 - 192.168.0.254 range, allowing only 192.168.0.1 (router), he only needs internet connection no LAN access, when he will leave from our office I'll remove the rule.
btw, he doesn't know anything about the firewall rules so he can't remove it and actually he doesn't want to see my network I just want to be sure nobody has access to our important files.