I am currently working with a system that has the capability of doing mac
monitoring/restriction behind a NAT connection to keep customers from
running too many computers behind NAT. That is kind of close to what you
are looking for. It also does monitoring of wireless links and alerts me
when the link is weak (like a backhaul link) so that I never have down time.
John Benson
Wireless Systems Engineer
801-427-0719
-----Original Message-----
From: karlnet-admin@WISPNotes.com [mailto:karlnet-admin@WISPNotes.com]On
Behalf Of Bob Hrbek
Sent: Monday, October 21, 2002 3:11 PM
To: karlnet@WISPNotes.com
Subject: Re: [Karlnet] New KarlNet .bin files released
Specifically you are asking if one can keep people from doing NAT ? I'm
not sure you could really do that......I've heard of ways to detect nating
but never really read into it enough to commit it to memory. I guess you
could watch simultaneous TCP connections and if they hit 20+...start
dropping stuff to them or something....other than that some sort of MAC
address restrictions would be the only thing you could do.
I'm no expert by any means though so you might find something that works.
-bob
----- Original Message -----
From: "Larry Yunker - Cyber Broadcasting" <leyunker@cbcast.com>
To: <karlnet@WISPNotes.com>
Sent: Monday, October 21, 2002 4:06 PM
Subject: Re: [Karlnet] New KarlNet .bin files released
> ok... if you don't mind me asking, how exactly would one firewall against
> NAT? What sort of rules would I have to add? Any helpful links that
> explain how to firewall against NAT?
>
>
> ----- Original Message -----
> From: "Bob Hrbek" <bhrbek@jagwireless.com>
> To: <karlnet@WISPNotes.com>
> Sent: Monday, October 21, 2002 3:52 PM
> Subject: Re: [Karlnet] New KarlNet .bin files released
>
>
> > If you are looking for a solution to block a users NAT firewall from
using
> > your system....I don't think this is what they are talking about.
> >
> > I believe this feature is just an option to make sure that the private
> IP's
> > don't get on the wireless network.
> >
> > -bob
> > ----- Original Message -----
> > From: "Larry Yunker - Cyber Broadcasting" <leyunker@cbcast.com>
> > To: <karlnet@WISPNotes.com>
> > Sent: Monday, October 21, 2002 3:48 PM
> > Subject: Re: [Karlnet] New KarlNet .bin files released
> >
> >
> > > Anyone from Karlnet care to enlighten us and clear up our
speculation???
> > If
> > > they have found a way to block NAT, I have an immediate need for some
> > > upgrade licenses!
> > >
> > > ----- Original Message -----
> > > From: "Bob Hrbek" <bhrbek@jagwireless.com>
> > > To: <karlnet@WISPNotes.com>
> > > Sent: Monday, October 21, 2002 3:34 PM
> > > Subject: Re: [Karlnet] New KarlNet .bin files released
> > >
> > >
> > > > :) I'm guessing that it just creates a Firewall type rule that
drops
> > any
> > > of
> > > > the private nat addresses on the public side of the RG. It would
seem
> > > that
> > > > even if you enabled bridging (while running nat) it would drop the
> > private
> > > > IP's from the selected interface.
> > > >
> > > > -bob
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: "Dan Metcalf" <dan.metcalf@wbsysnet.com>
> > > > To: <karlnet@WISPNotes.com>
> > > > Sent: Monday, October 21, 2002 3:06 PM
> > > > Subject: RE: [Karlnet] New KarlNet .bin files released
> > > >
> > > >
> > > > > I asked this some exact question and some wise-ass gave me the
> > > > > "definition" of inhibit.
> > > > >
> > > > >
> > > > >
> > > > > Dan Metcalf
> > > > > Wireless Broadband Systems
> > > > > http://www.wbsysnet.com/
> > > > > 877-685-0578
> > > > > dan.metcalf@wbsysnet.com
> > > > >
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: karlnet-admin@WISPNotes.com
> > [mailto:karlnet-admin@WISPNotes.com]
> > > > > On
> > > > > > Behalf Of Larry Yunker - Cyber Broadcasting
> > > > > > Sent: Monday, October 21, 2002 4:00 PM
> > > > > > To: karlnet@WISPNotes.com
> > > > > > Subject: Re: [Karlnet] New KarlNet .bin files released
> > > > > >
> > > > > > What exactly does this do?
> > > > > >
> > > > > > - Inhibit Private NAT through selected Interfaces
> > > > > >
> > > > > > Does this somehow block a customer from running a NAT router
(like
> a
> > > > > > Linksys
> > > > > > Cable-Modem-router) behind say an RG1000? If so, HOW?????
Would
> it
> > > > > also
> > > > > > block Internet Connection Sharing??
> > > > > >
> > > > > >
> > > > > >
> > > > > > ----- Original Message -----
> > > > > > From: "Charles Chia Sheng Wu" <cwu@cwlab.com>
> > > > > > To: <Agere@part-15.org>
> > > > > > Cc: <isp-wireless@isp-wireless.com>; <karlnet@WISPNotes.com>;
> > > > > > <equipment-l@wisp-equipment.net>
> > > > > > Sent: Wednesday, October 16, 2002 2:59 PM
> > > > > > Subject: [Karlnet] New KarlNet .bin files released
> > > > > >
> > > > > >
> > > > > > > v4.27
> > > > > > >
> > > > > > > New Features of 4.27
> > > > > > > - MAC Auth Library (AP Radius and MAC Access List)
> > > > > > > - IP Multicast Pruning
> > > > > > > - Inhibit Private NAT through selected Interfaces
> > > > > > > - Block inter-client communication on the same interface
> > > > > > > - Simple Firewall
> > > > > > > - WEP Support for Intersil Cards in 802.11b mode
> > > > > > > - IAPP
> > > > > > > - PPoE Filtering
> > > > > > > - TurboCell Polling update for large Networks
> > > > > > > - Updated Windows based configurator
> > > > > > > - Updated Help Files and Documentation <g>
> > > > > > > - value range for pings is now 64-2000 Bytes (as opposed to
the
> > 1472
> > > > > > Byte
> > > > > > > limit)
> > > > > > >
> > > > > > >
> > > > > > > Corrected issues in 4.27
> > > > > > >
> > > > > > > - RIP-2 in kernel 4.13 use triggered updates to send empty
> default
> > > > > route
> > > > > > > - Station list is being corrupted re:RADIUS re-Auth
> > > > > > > - Permission denied problem for read only kernel and temp bin
> file
> > > > > not
> > > > > > > removed
> > > > > > > - Default Bandwidth throttling is not working correctly in
> kernel
> > > > > 4.02
> > > > > > > - Garbage collection is not working
> > > > > > > - RIP2 default gateway is not sent after learned by device
> > > > > > > - After initial upload of SEC only builds, AP option in the
> > > > > interface is
> > > > > > not
> > > > > > > dimmed
> > > > > > > - Base can not do Radius Authentication for Satellite when the
> > other
> > > > > > > wireless interface is configuring in AP mode
> > > > > > > - Kernel 4.00 doesn't load on a WP-II
> > > > > > > - MIB-II Routing table is not updated
> > > > > > > - Outdoor Router does use 'preferred IP address' as source
> address
> > > > > for
> > > > > > ICMP
> > > > > > > 'TTL expired in transit' message
> > > > > > > - Firewall option fails to function correctly with VPN / IPSEC
> > > > > through
> > > > > > the
> > > > > > > RG
> > > > > > > - Incoming NAT using wildcard port blocks Outgoing NAT for
other
> > > > > clients
> > > > > > > - DHCP Client of AP-1000 is renewing the IP addresses to soon
> > > > > > >
> > > > > > > Features for next release
> > > > > > > - VLAN Support
> > > > > > > - Continued Improvement of Documentation
> > > > > > > - TurboCell Autoroam Feature
> > > > > > >
> > > > > > > _______________________________________________
> > > > > > > Karlnet mailing list
> > > > > > > Karlnet@WISPNotes.com
> > > > > > > http://lists.wispnotes.com/mailman/listinfo/karlnet
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > > _______________________________________________
> > > > > > Karlnet mailing list
> > > > > > Karlnet@WISPNotes.com
> > > > > > http://lists.wispnotes.com/mailman/listinfo/karlnet
> > > > > > ---
> > > > > > [This E-mail scanned for viruses by Declude Virus]
> > > > >
> > > > >
> > > > > _______________________________________________
> > > > > Karlnet mailing list
> > > > > Karlnet@WISPNotes.com
> > > > > http://lists.wispnotes.com/mailman/listinfo/karlnet
> > > > >
> > > >
> > > > _______________________________________________
> > > > Karlnet mailing list
> > > > Karlnet@WISPNotes.com
> > > > http://lists.wispnotes.com/mailman/listinfo/karlnet
> > > >
> > > >
> > >
> > >
> > > _______________________________________________
> > > Karlnet mailing list
> > > Karlnet@WISPNotes.com
> > > http://lists.wispnotes.com/mailman/listinfo/karlnet
> > >
> >
> > _______________________________________________
> > Karlnet mailing list
> > Karlnet@WISPNotes.com
> > http://lists.wispnotes.com/mailman/listinfo/karlnet
> >
> >
>
>
> _______________________________________________
> Karlnet mailing list
> Karlnet@WISPNotes.com
> http://lists.wispnotes.com/mailman/listinfo/karlnet
>
_______________________________________________
Karlnet mailing list
Karlnet@WISPNotes.com
http://lists.wispnotes.com/mailman/listinfo/karlnet
|