Block Internet Access while Allowing Local Area Network (LAN) Access
You can configure Comodo Firewall to block Internet access while allowing free connections to an internal network (Intranet or LAN).
Example scenarios:
-
In your network at home, you want your child's computer to connect to other computers at home but disable Internet access to them for safety reasons
-
In your corporate network, you want your employee's computers to connect to your local network machines but disable Internet access for them for bandwidth restrictions
To selectively block connection to Internet whilst allow connection to internal network you need to create a Global Rule under Advanced Firewall Settings and password protect your configuration to prevent others from altering it.
To create a Global Rule
-
Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen
-
Open 'Firewall Tasks' by clicking 'Firewall Tasks' from the Tasks interface and click 'Open Advanced Settings'.
-
Click 'Global Rules' under Firewall from the left hand side pane
-
Click the handle from the bottom and choose 'Add' from the options. The Firewall Rule interface will open.
-
Choose the following options from the drop-down menus:
- Action = Block
- Protocol = IP
- Direction = Out
-
Enter a description for the new rule in the Description text box.
-
Click the 'Source Address' tab, choose 'IPv4 Single Address' or 'IPv6 Single address' as per your network and enter the IP address of the computer in the IP text box.
-
Click the 'Destination Address' tab, choose 'Network Zone' from the Type drop-down and choose your local area network from the 'Zone' drop-down.
-
Click the 'IP Details' tab and choose 'Any' from the 'IP Protocol' drop-down.
-
Click 'OK'. The created policy will be added to the list of Global Rules.
-
Select the rule, click the handle from the bottom and click 'Move Up' repeatedly until the rule moves to the first position.
-
Click 'OK' for your configuration to take effect.
Your Firewall is now configured to allow access to internal network but to block Internet access. Now you need to password protect this configuration to prevent others from changing it.
To password protect your configuration
-
Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen
-
Open 'Advanced Tasks' by clicking ' Advanced Tasks' from the Tasks interface and click 'Open Advanced Settings'.
-
Click 'User Interface' under General Settings from the left hand side pane
5. Enter and confirm your password then click OK. Make sure to create a strong password containing a mixture of uppercase and lowercase characters, numbers and symbols so that it cannot be easily guessed by others.
The configuration is now password protected. From the next attempt to change any configuration changes to CIS, you will be prompted to enter the password to proceed.