Easiest way to block Internet access for LAN-only home server?

[Kaido]

Putting up a Windows XP Home computer for my home file server; I don't want it to have Internet access, just LAN access. What's the easiest way to do this? I'm thinking just edit the allow list in the ZoneAlarm file to exclude everything but the LAN IPs.

 

[cleverhandle]

I'm not sure I see the point in doing this - I would still want to be able to access Windows Update... But all you need to do is leave the default gateway blank in the interface configuration, assuming the server is using a static configuration.

That's assuming that you're talking about the server accessing the internet, and not vice versa... maybe I'm misreading...

 

[Kaido]

Originally posted by: cleverhandle
I'm not sure I see the point in doing this - I would still want to be able to access Windows Update... But all you need to do is leave the default gateway blank in the interface configuration, assuming the server is using a static configuration.

That's assuming that you're talking about the server accessing the internet, and not vice versa... maybe I'm misreading...

Nah, no Internet access. It's just going to sit there and serve up files on the LAN and do backups, doesn't need the Internet for anything.

 

[RebateMonger]

The "best" way to do this depends on whether you want to keep OTHERS from using the PC to access the Internet. If you don't have that worry, one easy way (as already mentioned) is to remove the "Default Gateway" setting for the NIC. Without a Default Gateway setting, it won't be able to reach any network except for the local one.

 

[Kaido]

Originally posted by: RebateMonger
The "best" way to do this depends on whether you want to keep OTHERS from using the PC to access the Internet. If you don't have that worry, one easy way (as already mentioned) is to remove the "Default Gateway" setting for the NIC. Without a Default Gateway setting, it won't be able to reach any network except for the local one.

Yeah, I only want the server box to talk to the local network. How do I remove the default gateway setting for the nic?

Edit: A bit more on the network setup - cable modem with linksys wireless router. Server will be connected directly to router, all other boxes will be on wireless. Nothing will actually go through the server. Server will mainly be used for SMB (file sharing) and VNC for remote access administration.

 

[cleverhandle]

Originally posted by: Kaido
Yeah, I only want the server box to talk to the local network. How do I remove the default gateway setting for the nic.

In the same place you set the NIC's IP address and such (which Windows makes such a pain to quickly click to). I usually do right-click Network Neighborhood->Properties, right-click the connection->Properties, Internet Protocol, Properties. The IP configuration is in there.

 

[eminemrh25]

What I would do if I was you, is go into your router configuration, and block every port for the IP of the Server..

 

[Cloud Strife]

Originally posted by: eminemrh25
What I would do if I was you, is go into your router configuration, and block every outbound port for the IP of the Server..

fixed.