Simple question (restricting internet access)



  • I am in charge of the networking at a medium (~30 people) LAN party.

    To balance the problems of players abusing internet access and the hassles of not having internet, I have decided that I would like to provide internet on a need-to-use basis.

    The Captive Portal looks like a great option for me, however I'm a little bit confused about the design.

    I have a captive portal setup for the LAN interface.  Is it true that with this option enabled, all computers will still be able to access all other computers on the LAN (including the router) without having to pass through it?

    It seems like that would be true, since I doubt the computers will be talking through the router to get to another computer on the LAN.

    Can anyone clarify this for me?

    Another thing that I'd like to do is open up ports UDP 27000 to 27015 and TCP 27020 to 27050 for Steam.  Open them up so that all internal users (including non-authenticated) can access WAN servers via those ports.  Is there some way I can bypass the portal for this?



  • @clamothe:

    It seems like that would be true, since I doubt the computers will be talking through the router to get to another computer on the LAN.

    True.

    @clamothe:

    Another thing that I'd like to do is open up ports UDP 27000 to 27015 and TCP 27020 to 27050 for Steam.  Open them up so that all internal users (including non-authenticated) can access WAN servers via those ports.  Is there some way I can bypass the portal for this?

    You can't open up single ports but you can specify passthrough IPs as destination that are always allowed. So add the Steam IPs there and you are fine. For everything else the clients have to authenticate then.


Log in to reply