Deploy WFilter with a win7 gateway and a wireless AP

4.1

Author:
IMFirewall Software
HomePage:
http://www.imfirewall.us

Usually, a manageable switch or router with "port mirroring" feature is required for correct WFilter deployment. In case you only have a wireless router which does not support "port mirroring", you can try this solution, which is also simple to deployment.

The point is to "configure the WFilter PC as your internet gateway and turn the wireless router into a wireless AP."

The network topology diagram:



Figure 1

1 Configure the WFilter PC as internet gateway

The first step is to make the WFilter PC acting as your internet gateway. The WFilter PC shall have two network adapters, one for internet access( usually connected to an ADSL modem), another one for local subnet(shall be configured as "obtain ip address automatically).

We use Win7 in this example. And you're supposed to have setup internet connection in WAN network adapter(NIC1).

1.1 Sharing Internet to local subnet

Click "Sharing" in "Properties" of the adapter which is connected to internet in "Control Panel"->"Network and Internet"->"Network Connections", and choose "Allow other network users to connect through this computer's internet connection". (Figure2)



Figure 2

Now, another adapter("LAN Connection") will be assigned the ip address 192.168.137.1 (It will be 192.168.0.1 in windows XP).



Figure 3

This 192.168.137.1 is the gateway ip address for local subnet devices to access internet. To make it work for wireless devices, you also need to modify your wireless router's settings.

2 Turn your wireless router into a wireless AP

Because the WFilter PC is sharing its internet, we only need the wireless router to act as a wireless AP.

Please leave the WAN interface dis-connected, and connect the "LAN Connection" adapter of the WFilter PC to a LAN interface of your wireless router(Can be every LAN interface, usually connect to LAN1).

2.1 Modify Lan interface ip address

Assign ip address "192.168.137.2" to the lan interface. If the WFilter computer is windows XP, the ip address shall be "192.168.0.2".



Figure 4

2.2 Disable DHCP service

Because the WFilter PC is serving DHCP, now you need to turn off the dhcp service of the wireless router to avoid conflicting.



Figure 5

3 WFiler

The last step is to configure the "LAN Connection" adapter as the monitoring adapter in "Monitoring Settings" of WFilter. Then you're able to monitor and filter local network users.



Figure 6