How to prevent LAN from connecting to a wireless router

If the network cable on the switch or router is connected directly to the LAN port of the wireless router, this is equivalent to using the wireless router as a switch, which is actually equivalent to a wireless AP. This way through the wireless Internet access to the computer IP address, gateways and other information and LAN wired Internet access to the computer is completely consistent, then aggregated network management can naturally scan wireless internet computers (such as notebooks, mobile phones, tablets), control wireless Internet access to the computer network behavior, and the cable computer network control exactly the same.

If you are connecting a switch or router's network cable directly to the wireless router's WAN port, then the Internet through the wireless router computer access to the gateway IP address is the wireless router LAN port IP address, and the IP address is also natural and gateway IP address in the same network segment. For example, wireless router LAN port IP address is generally 192.168.0.1, the wireless Internet access to the computer gateway IP address is 192.168 0.1, and the IP address is 192.168.0.X. In this case, aggregated network management if it is through the wired Internet computer control LAN, will be because the IP address segment and gateway address is completely different and can not be scanned to the Internet through the wireless router computer. However, aggregated network management can scan to the wireless router, because the wireless router's WAN port IP address and aggregated network management computer IP address in the same IP segment, at the same time the IP address of the gateway is exactly the same. Therefore, for this approach, the network administrator can control the following:

Control the Internet behavior of the wireless router like the LAN cable computer. Because aggregated network management will scan the wireless router's IP address and MAC address, it is natural to control the Internet, like other computers on the LAN, control the wireless router with the computer online, and the control of the wireless router after all through the wireless router Internet access to the computer will be controlled. For example, you prohibit wireless router QQ chat, control wireless router Thunder download, then all through the wireless router Internet access to the computer can not login QQ chat can not be carried out thunder download.

If you want to specifically monitor the Internet behavior of each computer under the wireless router, then the network administrator only needs to plug a USB wireless network card (if it is a desktop, aggregated network management company) and successfully connect to the wireless router through the wireless network card in the computer that installs aggregated network management. Then start again aggregated network management based on the wireless network card access to IP information, gateway information to create a monitoring network segment, and then start monitoring the wireless network segment can be. This way in the lower right corner of the computer there will be two aggregated network management at the same time, a monitoring of the wired LAN, a wireless router to monitor the internet behavior of the computer, thus realizing the wired and wireless network structure of a mix of internet behavior management.

If you want to prohibit the LAN private access to the wireless router, wireless router to prohibit the internet is also relatively simple. Because the aggregated network management system can scan to the LAN all computer's IP address, MAC address and host name, and aggregated network management also provides the host notes function, that is, you can use the computer's employee name to add a note to the computer, so you can also find the wireless router IP and MAC address, Then you can use aggregated network management to prohibit wireless routers, wireless AP Access, of course, you can also set up in the router MAC address filtering to prohibit wireless router access and access to the Internet.

In addition, because the LAN installed wireless router may also cause some network security management problems (due to the barrier of wireless routers, so that we can not accurately know the specific staff of the Internet behavior); At the same time, in the company's local area network, there are often companies outside staff, non-company employees carry notebooks, Tablet computer or mobile phone, etc. access to the local area network, access to important internal sharing files, access to the Internet, such as foreign computers or network equipment to the enterprise's trade secrets and intangible assets of the security cause a major hidden danger; In addition, some skilled outsiders may also run some sniffer software, Network grab software or hacker software to steal the company's trade secrets, employee privacy information, etc. in addition, the Internet behavior of foreign personnel is also very easy to spread virus Trojan, to seize the LAN broadband resources and so on, so that the enterprise LAN network security, smooth operation of the network has caused serious impact. To this end, we must take certain means to prohibit foreign computer access, prevent the company's computer access to corporate LAN, to prevent LAN sniffing, prevention of network grasping packets, etc., in addition to prevent ARP attacks, computer agents to prohibit Internet access or acting as a proxy server and so on. In this case, we can use the extension of aggregated network management-the trend to the intranet security guards to achieve, interested in network management can login aggregated network management website for detailed understanding.

In short, LAN monitoring, must effectively manage the wireless router, monitor wireless AP network environment computer Internet behavior, to prevent the Internet through the wireless router caused by improper expansion, as well as to network security caused by potential hazards!