Enter remotely restricted pc
-
Ok I have two businesses 1. A hotel business and 2. A liquor business. If I added a cat 5 cable to my front office pc, I would like to remotely see that pc from my business #2 from a laptop. But what I do want to restrict people to be able to go on the internet. Nothing should be running, downloading, or playing anything on the front office pc except for the check-in program that I have. The only problem is I don’t know what kind of software that would do this. If anyone knows a way of doing this would be appreciated.
-
First, make sure the users do not have admin priv on the front office PC - then they can't install stuff or change the network settings.
Assumption: you are using DHCP on pfSense to give out IP addresses.
Allocate a static-mapping in DHCP for the front office PC, so it gets a fixed IP address on the LAN.
Add an alias for that static-mapped IP - e.g. FrontOfficePC (to make the rules easy to read).
Add a rule onWANLAN blocking all traffic from FrontOfficePC to !LANsubnet (in fact, you should be able to block everything from FrontOfficePC - traffic from FrontOfficePC to your laptop etc won't even go through pfSense).
If you are really concerned about front office access, then be aware that just giving them a cable means they can plug in their own device to the cable, get a different IP address and play… - but maybe they can do that already on the hotel WiFi.Edit: fixed brain-fart - rule should be on LAN, like stephen's comment
-
You may want to add some exceptions to that rule to allow the PC to get updates to whatever OS it's running.
Steve
-
ok thanks for the help, i will try and see what i can do
-
Add a rule on WAN blocking all traffic from FrontOfficePC to !LANsubnet
Re-reading this, that rule should be on LAN. Unless there's something I'm not seeing. ;)
Steve
-
Depending on the version of Windows (I'm assuming Windows since you didn't say) you can restrict what people can run.
