control internet traffic in a lab using centralized software firewall

2

enter image description hereI am trying install a software firewall in our lab. How I am planning to do this is by, installing a firewall application on a computer. There are two network adapters attached to this pc, one is connected to the internet router and the other is connected to the router wan port, and then it goes to the switch for 120 pc's.

I have Bridged two network adapters and I can access the internet via the client pc's. When I set some rules on the firewall, its working with the server, but not with the client pcs. I tried to block all internet from client router ip, and it's not working.

This is a small setup, so I tried with Comodo free firewall as well as Windows firewall, neither are working correctly.

Tibin

Posted 2016-02-22T15:49:07.510

Reputation: 164

I take it "the intenet router" and "the router" are not the same router? perhaps a diagram would help. as an aside, i would recommend against using Comodo just now. They've had a few surprising security failures in the last couple weeks. Personally I'd use somthing like PFSense. – Frank Thomas – 2016-02-22T16:06:15.113

i have updated my scenario with an image. Is there any solution rather than hardware firewall with windows OS? – Tibin – 2016-02-22T16:17:59.033

Answers

1

What you want is a software firewall appliance for a dedicated x86-family architecture computer.

See List of firewall distributions

A lot of people probably start with something like FREESCO

You will need to familiarise yourself with the general principles of stand-alone firewalls and their operation. I'd be looking at routing rather than bridging.

If you want help with configuration of specific software (e.g. Comodo) you should make this clear and list

  • your specific objectives in terms of what PCs can contact which networks/services
  • the specific configuration details you tried
  • the actual results you observed (and how exactly they differed from what you expected)

You might need to do that as a separate question and posssibly in a more appropriate stackexchange website (e.g. security, server-fault, etc)

RedGrittyBrick

Posted 2016-02-22T15:49:07.510

Reputation: 70 632

Ya. Thanks anyway. I need to know the possibility with os windows. – Tibin – 2016-02-23T01:24:23.270

Asked: 2016-02-22T15:49:07.510

Viewed: 82 times

Active: 2016-02-22T17:40:40.883