Small Business Server 2003

Netopia

Does anyone know if there is an easy way in SBS2003 to restrict certain computers from being able to access the web? The server is acting as both DHCP server and gateway.

Thanks,

Joe
 

RebateMonger

As InlineFive mentioned, with ISA 2004, denying Internet access is a mouseclick or two away.

Otherwise, you'll have to resort to "conventional" techniques. These have been discussed several times in the AnandTech Networking Forum:
Removing Default Gateway from each PC.
Pointing browsers to a non-existent Web Proxy server.
Some other tricks that I don't recall right now, but I'm sure some other folks will list.
 

Netopia

I do not believe that it's premium (no sql server).

Since this is all DHCP, I'm not quite sure how I could remove the gateway since it's assigned by the server.

I will have to look into ISA 2004, but I have searched both this forum and the networking forum and have found nothing on this exact topic. That being the case, if anyone wanted to have mercy on me and just let me in on the secret of blocking access to certain machines, I would be very grateful.

Joe
 

nweaver

You have to block access either at the client or server, and you can either do it via fancy networking or via software (proxy usually).

So, set up a proxy (squid isn't too bad, especially on smoothwall. Not sure if you can smoothwall a non-gateway type situation) and block access there, or figure out how to get Windows to block certain IPs at its gateway (a cinch in Linux, but Windows lacks the robust networking tools like IPTables).
 

gwag

Manually configure TCP and put in a dummy gateway? (It's what I do on a few machines that don't need internet access.)
 

Netopia

Originally posted by: gwag
Manually configure TCP and put in a dummy gateway? (It's what I do on a few machines that don't need internet access.)

Yeah, I might end up doing that. I set up accounts and such for this company remotely, and they have some other guy deal with the client machines. I'm not sure he's knowledgeable enough to do anything, which is why I was hoping I could configure it at the server.

Thanks for the suggestions,

Joe

 

nweaver

Without ISA, this is one case where Windows lags far behind Linux. Even with ISA, I think they lag, as the Linux tools are mature, very versatile, and easy (imho). I'm not real fond of ISA though.
 

LOFBenson

Active Directory group policy. You can lock machines out with zone security settings or you can configure the proxy for the machines you want to lock out there. You can also make it so that users can not undo your settings.