Latest Event Updates
Hello, today’s article is about configuring your PTCL ADSL WiFi Router for blocking a “website / URL Link”. The PTCL ADSL WiFi Router I am using comes with a lot of features and security settings. This article is about configuring/using the “Url Filter” feature.
The advantage of blocking on PTCL ADSL WiFi Router is that the website / URL Link will not be accessible to any device (PC, Laptop, Mobile phone, Tablet etc.) present in the network. So, you don’t have to block it one each device or use some software firewall, just add it to the router and its blocked for all the users inside the network.
Note: Please note you can’t block HTTPS webistes/URL Links on your PTCL ADSL WiFi Router. Only HTTP websites will be blocked. If the “green secure” bar/words doesn’t show up in the browser it means the website is on HTTP. Most of the websites are now running on HTTPS.
Current Network Scenario
For this article I am using the following PTCL ADSL WiFi Router
1 Login to the ADMIN WEB PAGE of your router by typing “192.168.1.1” in your web browser. Type the username and password which is written on the backside of your router or on the box of router.
2. On successful username and password, following page will show up
3. Next click on “Advance Setup” then “Parental Control” and then “Url Filter”. Following page will show up.
4. Click on “Add” button and a new web page will show up. In the “URL Address” column type the complete web address of a website you want to block for this example I am blocking Microsoft’ BING website (http://www.bing.com). In “Port Number” type 80. And then click “Apply/Save” button.
5. Make sure “Exclude” is selected
6. Now try to open the website on your WEB Browser of cellphone or laptop or tablet etc. and it should not open, as shown below
Note: User’s in network can still bypass the Url filter security feature by using a PROXY WEBSITE to access the blocked website / URL Link.
Hello, hope you are having a good day or may be not!!! You are confused and frustrated about configuring two routers in your home network (LAN). If you are facing this problem. Just sit back and relax because this tutorial will guide you on how to fix this problem.
Somehow I have got two PTCL routers from the PTCL. Both the routers are ADSL + WIFI routers as shown in the following figures.
New router: SLIM
Old router: FAT
Now the SLIM router is my primary router i.e. the PHONE LINE after DSL SPLITTER comes to this router and all the devices in my home connects to this one via WIFI or a CAT5/6 cable. Now, I have another spare router (FAT) and I want to use this router in another room because I am not getting good signals with my SLIM router. Also, I want this FAT router to be a part of my existing network.
To Install / Configure a PTCL’s ADSL + WIFI router (FAT) in the existing network because we want to install the NEW router in another room to get GOOD WIFI SIGNALS.
1. First you need to find out the network address of your ROUTER that is connected to the INTERNET in my case its the SLIM router. SLIM router is on the “192.168.1.1”, most of the PTCL routers are assigned this private IP address. You can also verify it by typing “192.168.1.1” address in your browser, it will ask you USERNAME + PASSWORD to login. Afterwards you will be shown to a screen similar to following:
2. Now, the second step is to find the network address of our FAT router. Just like the SLIM router it will also be running on the IP address “192.168.1.1”. To connect with this router. I would recommed the following steps:
- TURN OFF your SLIM router
- POWER UP this FAT router
- Connect you PC/Laptop with this FAT router via WIFI or NETWORKING CABLE (CAT 5/6) [ i used the networking cable method]
- LOG into the ADMIN PAGE of this FAT router by typing “192.168.1.1” into your browser
- A similar screen like previous router’s admin page will be shown as shown in the following picture
3. Third step involves configuring this FAT router. So, that we can adjust it in our existing network.
- In the Advanced Setup tab click on the LAN button
- Now change the IP address so that we don’t have any conflict with our SLIM router
- I will be assigning ip address of 192.168.1.100 to this FAT router
- And after this you need to DISABLE the DHCP server
- After this go to the Routing tab and click on Default Gateway button
- Check the Use Default Gateway IP address and assign the IP address of your primary router, in my case it will be 192.168.1.1
- Save settings and reboot your router
- Following figures shows these steps
4. After the restart, this FAT router will be availble to access on the “192.168.1.100” IP address.
5. Now, the next step involves configuring the WIFI of this WIFI router. Give this FAT router a diffrent SSID (name). In my case I am giving it the name of “Free Internet”, you can do whatever you want. If you want to protect your WIFI, you can go to the SECURITY settings and put a password too.
6. Next, you need to physically connect both the WIFI routers via a LAN CABLE (cat6).
Place this FAT router in your desired location / floor.
7. Next, step is to connect with the FAT router via “WIFI”. If you look at the WIFI connections in your operating system in my case its windows. “Free Internet” will be shown.
8. Connect with this “Free Internet”.
9. You will be connected to “Free Internet” but you will not be able to browse/surf any website. Its because of the fact that you have TURNED OFF THE DHCP and your system has not been assigned any IP. To fixed this issue, you will have to manually assign IP Address, Default Gateway, Netmask etc. settings as shown below
10. Save settings and “Disable” and then “Enable” your wireless adapter so that settings gets in.
11. After this, you will be successfully able to use INTERNET from this FAT router. Hurrah !!!
12. Please remember that you will have to do manual configuration of devices (laptop, mobile etc.) that will be connected to FAT router. Else, it won’t work.
Feel free to ask questions if you have any !!!
If you have different routers just remember that you just need to turn off the “DHCP” on the second router and give the second router default gateway IP of the primary router. Thats it.
How to generate XACML policies ? Generating XACML (2.0) policies using Picketbox API (formerly known as Jboss)
XACML stands for eXtensible Access Control Markup Language. The standard defines a declarative access control policy language implemented in XML and a processing model describing how to evaluate access requests according to the rules defined in policies (Source: Wikipedia). This article is particularly about generating XACML based security polices so, I am assuming that you have basic understanding of XACML architecture, its components and tags.
Frankly speaking, I was not able to find a simple program (code), that can generate a policy on one click. This consumed a lot of my time and often made me frustrated. Although, there are few implementations of XACML e.g WSO2 provides a complete XACML based server that can not only generate a security policy but can also evaluate it. I would recommend people to use it. You can find its details over here. But WS02 server is complex to understand and requires a lot of settings before it comes to a running state. Also, to build your custom access control model you may need to code yourself. So, to address these issues and save your time (yes, your time) I am making this post which specifically talks about generating XACML policies on one click.
We will be using Picketbox (Jboss) API for implementation of XACML. The project will be build using Eclipse IDE, running Windows 7 Ultimate (x64) and the language used will be Java. Make sure you have JAVA JDK installed on your system, you can download latest JDK from here. Now lets generate a policy:
1. Download Eclipse from their official website and run it.
2. I m using Eclipse Kepler Java EE version.
3. Go to File —> New Project —> Other —> Java Project. Specify a name, Click next and then finish.
4. A project will be created
5. Since we are using Picketbox API, so we need to import there libraries/JAR files. Download JAR files from here. To import JAR files, right click on the project —> navigate to Build Path —> and click on Configure Build Path.
6. A new window will pop up, click on “Add External JARs”
8. You will see the JARs imported in your project.
10. Copy the source code from this file source_code_JAVA and paste it the class you have just created.
11. Now again, right click on the project, navigate to Run and click on “Run as Java Application”.
12. On successful run, a policy will be generated which will be displayed to console and saved in D drive. You can find this generated security policy here: simple_policy_XML
This is it, I hope this post helps you in configuring Picketbox API for generating XACML policies. In my next post I will provide you guidance about Policy Decision Point (PDP) which basically evaluates a security policy. Feel free to ask questions. Ciao.