ARP Exclusions
ARP Exclusions are used to block WinProxy from routing an internal address out to the Internet, thus preventing you from connecting to it. The ARP Exclusion works simply by not routing any requests to a specific IP address and subnet mask that are entered into the interface. This feature is a part of 'AccessNow Lite' and only works when the 'AccessNow Lite' option is checked in WinProxy (File > Settings > General tab).
To access the ARP Exclusions, open a browser and go to http://admin.winproxy from client computer, or, from the WinProxy computer, enter in http://localhost, then click on the ARP Exclusions tab.
To create a new exclusion, click the 'New' button, enter in the IP address of the computer/print server/etc. on your network that you want WinProxy to ignore connections to, enter in the subnet mask for a single computer (255.255.255.255), then save the settings. WinProxy will now ignore any requests on the network to the IP address that was entered.
You can exclude an entire range of IP addresses, you just need to use the proper subnet mask. Below are some examples of how to exclude a single IP, multiple IP's, and a range of IP's. Let's assume you have a network set up with three segments; 90.0.0.0, 90.0.1.0, and 90.0.2.0 All three segments route their Internet connections out through WinProxy.
Let's say that our network is set up in this way:
- There is a print server at 90.0.0.100, and another at 90.0.1.100
- There is a web server called 'intranet' at 90.0.0.101
- The 90.0.2.0 network is simply used for testing, and does not need Internet access.
Excluding a single connection
In order for the users on your network to connect to the 'intranet' server through a browser, you would create a new exclusion, enter in the IP address 90.0.0.101, and the subnet mask of 255.255.255.255 To do this, open a browser, and connect to http://admin.winproxy If you are on the WinProxy computer, you can enter in http:/ /localhost instead. Then we click on the ARP exclusions link, then the 'New' The reason that you use all 255's in the subnet mask is that you are designating a single computer on the network. If you were to enter the standard class C subnet (255.255.255.0), you would be telling WinProxy to ignore connections all computers on the network (see the sample excluding a range of IP's)
Excluding several IP's
To exclude several IP addresses, we will enter each one in individually. Let's exclude our two print servers, so that our users can print their documents. Connect to the admin interface in a browser and click on the arp exclusions link. Each IP address that we want to exclude will need to be entered in individually. Even though the 90.0.1.100 print server is on a different segment, we can still exclude it so that users on all three segments can still connect. Once again, the subnet mask that we want to use is 255.255.255.255, indicating a single IP address.
Excluding a Range of IP's
Here we have a range of IP addresses that we want to have WinProxy ignore. Let's use our imaginary test network, located on the 90.0.2.0 segment. Once again, open a browser and connect to the admin interface, then click on arp exclusion.
This time we are going to enter in 90.0.2.0 as our IP address, and 255.255.255.0 as our subnet mask, then save the settings. The reason for the zero at the end of the subnet is to indicate that all connections to IP addresses in that range are to be ignored.
