OR, Win95/NT, Filters

Frederic Hertling (fhertling@tercom.ch)
Fri, 15 Nov 1996 13:02:01 -0000

Hi MegaZone, Hi All,

I've installed an Office Router ISDN to make an Internet connection on
demand. The location definition is ok, the ISDN configuration is ok. The
only problem I have is with the filter definition.

There are NT WS, NT Servers and Win 95 WS on the LAN behind the OR.

TCP/IP is configured on each workstation. I wanted to limit
access to the Internet to 3 PCs: x.x.x.100, x.x.x.121 and x.x.x.122.

I wrote the following filter:
1 permit x.x.x.100/32 0.0.0.0/0
2 permit x.x.x.121/32 0.0.0.0/0
3 permit x.x.x.122/32 0.0.0.0/0

It works, but as a lot of people know, the Windows IP stack makes a lot of
broadcasts in UDP with port # 137 or # 138. And these packets always bring
my link (which is on_demand) up. I don't want this and tried to filter
UDP 137/8. I changed my filter to:
1 deny 0.0.0.0/0 0.0.0.0/0 udp dst eq 137
2 deny 0.0.0.0/0 0.0.0.0/0 udp dst eq 138
3 deny 0.0.0.0/0 0.0.0.0/0 udp dst eq 139
4 permit x.x.x.100/32 0.0.0.0/0
5 permit x.x.x.121/32 0.0.0.0/0
6 permit x.x.x.122/32 0.0.0.0/0

It does seems to work because my link is still going up often.

Thanks to all for your ideas; if somebody has already filtered Microsoft
protocols, he can still write to me.

Fred
TERCOM SA
Switzerland (it's cold, but it doesn't rain)
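
To see which traffic the second filter above still lets through, its rules can be evaluated against sample packets. This is an added example, not part of the original message and not the router's own code; it assumes first-match evaluation with an implicit deny when no rule matches, and it replaces the redacted x.x.x prefix with the constructed range 192.0.2.0/24.

```python
import ipaddress

# The post's second filter, with its redacted x.x.x prefix replaced by the
# documentation range 192.0.2.0/24 (constructed, not from the original).
FILTER = """\
1 deny 0.0.0.0/0 0.0.0.0/0 udp dst eq 137
2 deny 0.0.0.0/0 0.0.0.0/0 udp dst eq 138
3 deny 0.0.0.0/0 0.0.0.0/0 udp dst eq 139
4 permit 192.0.2.100/32 0.0.0.0/0
5 permit 192.0.2.121/32 0.0.0.0/0
6 permit 192.0.2.122/32 0.0.0.0/0
"""

def parse(text):
    """Parse 'N action src/len dst/len [proto dst eq port]' lines into rules."""
    rules = []
    for line in text.splitlines():
        f = line.split()
        if not f:
            continue
        rule = {"num": int(f[0]), "action": f[1],
                "src": ipaddress.ip_network(f[2]),
                "dst": ipaddress.ip_network(f[3]),
                "proto": None, "dport": None}
        if len(f) > 4:  # optional "<proto> dst eq <port>" qualifier
            if len(f) != 8 or f[5:7] != ["dst", "eq"]:
                raise ValueError("unsupported qualifier: " + line)
            rule["proto"], rule["dport"] = f[4], int(f[7])
        rules.append(rule)
    return rules

def evaluate(rules, src, dst, proto, dport):
    """Return (action, rule number) of the first rule the packet matches."""
    for r in rules:
        if (ipaddress.ip_address(src) in r["src"]
                and ipaddress.ip_address(dst) in r["dst"]
                and r["proto"] in (None, proto)
                and r["dport"] in (None, dport)):
            return r["action"], r["num"]
    return "deny", None  # assumption: implicit deny when nothing matches

RULES = parse(FILTER)
# Constructed sample packets: (source, destination, protocol, destination port)
PACKETS = [("192.0.2.100", "192.0.2.255", "udp", 137),
           ("192.0.2.121", "198.51.100.53", "udp", 53),
           ("192.0.2.100", "198.51.100.7", "tcp", 139),
           ("192.0.2.50", "198.51.100.7", "tcp", 80)]
for pkt in PACKETS:
    print(pkt, "->", evaluate(RULES, *pkt))
```

Any packet that comes back as `permit` is traffic the filter, as written, does not stop; replaying a capture of the LAN's real outbound packets through `evaluate` shows which rule each one hits.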