Questions

How can I block LAN IP?

+
0 Votes
Locked

How can I block LAN IP?

silvacala
I have a computer in my LAN (unfortunately I cannot find it) which generates extremely high internet traffic. How can I block this specific IP from using internet?
Please answer. Thanks in advance

Clarifications

robo_dev

What type of LAN?

Is this your home wireless lan or a company wired network?

  • +
    0 Votes
    jemorris

    Also do you have administrator access to your router/switch?

    +
    0 Votes
    plevin

    Go into your router's connection list and associate each connection with its respective device. You'll probably be able to identify most of the connections. Turn off at the connection list any wireless connections you can't identify, or unplug any wired ones. You'll find out very quickly who the mystery guest is!

    +
    1 Votes
    robert_j_dixon

    If you are using DHCP, use arp, find the offending machines MAC address, then configure the DHCP server not to give that MAC address an IP address, or one that won't route or similar.

    Then wait for the scream :-)

    You might also look-up the MAC to see who made the NIC, to help identify which machine it is.

    +
    0 Votes
    silvacala

    I have administrative privileges to the router, and we dont use dhcp, it's not wireless network, it is a wired network.

    +
    0 Votes
    silvacala

    I have administrative privileges to the router, and we dont use dhcp, it's not wireless network, it is a wired network.

    +
    0 Votes
    tmcclure

    If you have a central firewall, you may be able to block internet traffic to and from the offending host.

    +
    1 Votes
    VBJackson

    If you know the specific IP address, and can add rules to your firewall, then the best option is to add a rule "Deny [IP Address] Outbound ANY" as the first rule ( or however you firewall displays the rules).
    This will block the user from all internet access.
    I would also recommend that you log back in to the firewall after a couple of days and make sure the rule is still there, just in case the problem user turns out to be someone that ALSO has access to the firewall.

    +
    2 Votes

    If the pc i sconnected to a switch you can look for the mac address at the switch to see witch port the mac address is connected to.
    This way you can find the pc or shutdown the switchport the pc is connected to.

    +
    1 Votes
    jwaustin

    Create an ACL like 'access-list 43 deny 10.122.12.13' then apply it on the interface that leads to the Internet. Be sure to extend the ACL so it only drops protocols or ports that violate your AUP. Make sure the change is within your authority.

  • +
    0 Votes
    jemorris

    Also do you have administrator access to your router/switch?

    +
    0 Votes
    plevin

    Go into your router's connection list and associate each connection with its respective device. You'll probably be able to identify most of the connections. Turn off at the connection list any wireless connections you can't identify, or unplug any wired ones. You'll find out very quickly who the mystery guest is!

    +
    1 Votes
    robert_j_dixon

    If you are using DHCP, use arp, find the offending machines MAC address, then configure the DHCP server not to give that MAC address an IP address, or one that won't route or similar.

    Then wait for the scream :-)

    You might also look-up the MAC to see who made the NIC, to help identify which machine it is.

    +
    0 Votes
    silvacala

    I have administrative privileges to the router, and we dont use dhcp, it's not wireless network, it is a wired network.

    +
    0 Votes
    silvacala

    I have administrative privileges to the router, and we dont use dhcp, it's not wireless network, it is a wired network.

    +
    0 Votes
    tmcclure

    If you have a central firewall, you may be able to block internet traffic to and from the offending host.

    +
    1 Votes
    VBJackson

    If you know the specific IP address, and can add rules to your firewall, then the best option is to add a rule "Deny [IP Address] Outbound ANY" as the first rule ( or however you firewall displays the rules).
    This will block the user from all internet access.
    I would also recommend that you log back in to the firewall after a couple of days and make sure the rule is still there, just in case the problem user turns out to be someone that ALSO has access to the firewall.

    +
    2 Votes

    If the pc i sconnected to a switch you can look for the mac address at the switch to see witch port the mac address is connected to.
    This way you can find the pc or shutdown the switchport the pc is connected to.

    +
    1 Votes
    jwaustin

    Create an ACL like 'access-list 43 deny 10.122.12.13' then apply it on the interface that leads to the Internet. Be sure to extend the ACL so it only drops protocols or ports that violate your AUP. Make sure the change is within your authority.