# Restricting internet access for office of 20 users



## samirpatel24 (Jan 10, 2012)

I want to restrict internet access at my office for around 20 users. All the pc's are directly connected through a common switch and all are on broadband since its a new office. 
Please advice me the best way to restrict internet access. Please also recommend me the hardware required.My understanding is I will probably need a new switch with atleast 30 ports keeping future requirements.
we have a dedicated 10 mbps link which will plug into the new switch.

1. Please recommend me a switch I should go for. ?

2. Is it possible to restrict access using only a switch ? or I will have to setup a complete domain environment ?

I want to implement this with minimum efforts and keep it as easy as possible.Need your help urgently.Thanks !


----------



## hoyin007 (Dec 7, 2011)

It would be good to know your network setup 1st.

Do you have any firewall between your network and internet?

What kind of restriction you have in mind for the user?


----------



## samirpatel24 (Jan 10, 2012)

Currently there is no firewall. All pc's connected to a common switch for the whole building.

I am only looking at blocking basic access like facebook pages etc.Since this organisation deals with Video conferance technology.


----------



## samirpatel24 (Jan 10, 2012)

I have come up with one thing in mind.

I can purchase a small router and a switch for around 20 users. Plug the uplink in the router that i purchased and connect all users on the new switch. this way the router can assign dhcp ip to all users and restrict access too.

I can configure the firewall to block websites like facebook and other chat sites. How does this solution sound ? It would save me from the hassle to create an entire domain for users and ask them to log on to domain and stuff.

Please recommend.


----------



## hoyin007 (Dec 7, 2011)

Yes, it works like any home base boardband setup.

You should already have a boardband router with your current ISP.
connect 1 of the Lan port to you switching uplink port (or any).
Have you router act as DHCP server and you can put a web site name filter list what should be blocked. You can also configure date & time to block also.

Beware this is only basic filtering by name. E.g if you block access to Welcome to Facebook - Log In, Sign Up or Learn More, user can still access by IP: 66.220.158.11.


----------



## samirpatel24 (Jan 10, 2012)

Thanks for your reply ! Will update as soon as some thing gets in plan.


----------



## Fmaulana (Dec 29, 2011)

Use squid as internet gateway


----------

