+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 26 of 26
Wireless Networks Thread, Two Internet Connection One Network in Technical; Everyone who suggested some sort of access control device between your network and the open internet has the right sort ...
  1. #16


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,485
    Thank Post
    867
    Thanked 854 Times in 675 Posts
    Rep Power
    197
    Everyone who suggested some sort of access control device between your network and the open internet has the right sort of idea - accountability and authentication are key there.

  2. #17

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,683
    Thank Post
    1,268
    Thanked 789 Times in 686 Posts
    Rep Power
    237
    Quote Originally Posted by glennda View Post
    it authenticates against ad so that it needs credentials aswell.
    Ah - solves that problem :-)

  3. #18
    IanT's Avatar
    Join Date
    Aug 2008
    Location
    @ the back of my server racks farting.....
    Posts
    1,891
    Thank Post
    2
    Thanked 118 Times in 109 Posts
    Rep Power
    60
    I did this at my last place, we had LA Broadband and had a Be* Internet line dedicated for IT and other services, put a PIX firewall in and just pointed our default gateway on same subnet too it, boom! worked!

  4. #19
    budgester's Avatar
    Join Date
    Jan 2006
    Location
    Enfield, Middlesex
    Posts
    486
    Thank Post
    4
    Thanked 37 Times in 30 Posts
    Rep Power
    24
    Quote Originally Posted by GrumbleDook View Post
    Except there is nothing to stop someone else with a laptop in the area using a well-known tool to see where your traffic is going, set up their own device with a static address on a LAN port and plug it into your network, getting unfiltered access to everything. They can spoof MAC address if you are using ACLs too.
    Seriously in a secondary school,if someone..

    A. has the time to do this
    B. has the skills to do this
    C. has the access to the network to do this
    D. Can be bothered to do this
    E. Manages to do this.

    Then...

    A. Why aren't they doing there own job ?
    B. Employ them as an IT tech pretty damn sharpish.
    C. There are probably more things to worry about on your network than unfiltered internet access.

  5. Thanks to budgester from:

    webby74 (4th April 2011)

  6. #20

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    350
    Its not the staff that we worry about - what if kids could get onto the internet unfiltered?

    also sorts of issues then arise.

  7. #21
    budgester's Avatar
    Join Date
    Jan 2006
    Location
    Enfield, Middlesex
    Posts
    486
    Thank Post
    4
    Thanked 37 Times in 30 Posts
    Rep Power
    24
    If the kids can run network sniffing software, change network settings and spoof macs on normal classroom PC's I'd still say you have bigger problems than unfiltered internet access. And if the kids are bringing there own laptops in, then the chances are they probably have a smart phone or mobile dongle, that will give them unfiltered internet access anyway.

  8. #22

    Join Date
    Jan 2011
    Location
    Sheffield
    Posts
    10
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Do you use a proxy server for your LEA link?

    Set up another proxy server on an old PC using something free like smoothwall express. connect 'external' ethernet to the unfiltered router and give it an IP in the same range. Connect 'internal' ethernet to school's lan, with an internal range IP address.
    Simply change your proxy server to the smoothwall when needing unfiltered access.
    In my school staff/students all use IE and have 'disable changing proxy settings' set up in Group Policy but I don't

  9. #23

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    350
    Quote Originally Posted by budgester View Post
    If the kids can run network sniffing software, change network settings and spoof macs on normal classroom PC's I'd still say you have bigger problems than unfiltered internet access. And if the kids are bringing there own laptops in, then the chances are they probably have a smart phone or mobile dongle, that will give them unfiltered internet access anyway.
    in my case it's not to block the kids but to protect myself against allegations of wrong doing by members of staff.

  10. #24

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,992
    Thank Post
    1,359
    Thanked 1,828 Times in 1,135 Posts
    Blog Entries
    19
    Rep Power
    602
    Quote Originally Posted by budgester View Post
    If the kids can run network sniffing software, change network settings and spoof macs on normal classroom PC's I'd still say you have bigger problems than unfiltered internet access. And if the kids are bringing there own laptops in, then the chances are they probably have a smart phone or mobile dongle, that will give them unfiltered internet access anyway.
    Most of which now come with data quotas ... why use your own quota when you have another connection to leech from?

  11. #25

    Join Date
    Apr 2007
    Posts
    10
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by webby74 View Post
    Thanks for all your replies! Its now working.

    Spent the afternoon setting it up.

    As suggested above I disabled DHCP, connected it via ethernet network, and gave it a static IP. I've manually configured IT Support devices with static IPs and point them to the Belkin Router.

    I've tested it round the school and can successfully access everything on the network and connected to the unfiltered internet.

    It's always nice when you achieve something successfully, thanks guys
    So now you have got it working will you be mentioning it to your LA who have the other connection coming in. I use to work for a LA and if a school was attatching a secondary connection A) not on the LA network and B) was unmanaged by the LA we would instantly disconnect them.

    Alot of LA's have to sign upto Government Connect which means they have to have full management and visability of what is going on, on there network. So by adding a connection yourself you are potentially putting the whole LA at risk.

  12. #26

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,992
    Thank Post
    1,359
    Thanked 1,828 Times in 1,135 Posts
    Blog Entries
    19
    Rep Power
    602
    Quote Originally Posted by m8ttysmith View Post
    So now you have got it working will you be mentioning it to your LA who have the other connection coming in. I use to work for a LA and if a school was attatching a secondary connection A) not on the LA network and B) was unmanaged by the LA we would instantly disconnect them.

    Alot of LA's have to sign upto Government Connect which means they have to have full management and visability of what is going on, on there network. So by adding a connection yourself you are potentially putting the whole LA at risk.
    As well as the previously mentioned ToS / T&Cs with JA.NET ...

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Well, we've got an internet connection....
    By Dos_Box in forum General Chat
    Replies: 0
    Last Post: 23rd February 2011, 11:50 AM
  2. Internet Connection
    By stebo730 in forum Internet Related/Filtering/Firewall
    Replies: 15
    Last Post: 15th February 2011, 06:30 PM
  3. Internet connection
    By leco in forum Mac
    Replies: 23
    Last Post: 4th February 2010, 07:51 AM
  4. Internet Connection Woes
    By u8dmtm in forum Internet Related/Filtering/Firewall
    Replies: 3
    Last Post: 2nd October 2009, 09:13 AM
  5. VPN connection with internet connection option
    By FN-GM in forum Wireless Networks
    Replies: 6
    Last Post: 29th December 2007, 07:19 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •