General discussion

  • Creator
    Topic
  • #2180599

    Block Internet Access

    Locked

    by rway ·

    We are currently running Windows 2003 Server. Most clients are running XPpro. Our ISP hosts our web site and our email. I am currently blocking some clients from accessing the Internet using the small router tied to the Internet. I can block their access using the MAC address (but only 20). I also have some clients that are using email but are not allowed to have Internet access. I have unblocked their MAC address from the router and used Group Policy (local) to block certain programs such as IE. We have started using some new software that requires the use of IE. This requires that I must unrestrict the use of IE in Group Policy. For those that need email this will also give them Internet access. My question is, is their a way to block a certain MAC address and port (port 80)combination from accessing the outside world but still allow it to work on the Intranet? Is there a firewall device that will do this?

    Thanks

All Comments

  • Author
    Replies
    • #3147288

      Reply To: Block Internet Access

      by rob miners ·

      In reply to Block Internet Access

      Techrepublic have a good article on this. It helped me out.

      http://techrepublic.com.com/5100-1009_11-5838360-1-1.html?tag=search

      If the above link doesn’t work do a search for this.

      Learn two ways to disable Internet Explorer

    • #3147205

      Reply To: Block Internet Access

      by anil_koushal ·

      In reply to Block Internet Access

      It will be better to install an IPTABLES based firewall and you will have full freedom to block anything without any limitation. if you have enough money then you may purchase firewall box like watchguard,pix, checkpoint etc.

    • #3146461

      Reply To: Block Internet Access

      by sprinkl3s ·

      In reply to Block Internet Access

      instead of doing this at the firewall level why not use a group policy. make a group policy to change the proxy addresses 0.0.0.0 and set it so that it does not use the proxy address for the intranet sites.

    • #3169087

      Reply To: Block Internet Access

      by nayeem ·

      In reply to Block Internet Access

      You can use ISA server which will solve all your issues without any problems.

    • #3169039

      Reply To: Block Internet Access

      by jordanspcrepair ·

      In reply to Block Internet Access

      You could disable the DHCP client service on the client computers that you don’t want on the internet, but still want to be able to use the network. use the services.msc to disable the DHCP client service.

    • #2601399

      Using GP to restrict internet access

      by brad ·

      In reply to Block Internet Access

      I recently created a Group Policy IP Security Policy which allows restriction of internet access altogether to machines within that OU, but which can also be filtered to simply allow blocking of access to specific DNS hosts.
      If anyone still needs and answer tot his issue, please let me know.

    • #2634646

      Another scenario

      by rafal ·

      In reply to Block Internet Access

      What if I want to block a user from accessing the internet/email but only when he does it on one PC. Let’s say you have a PC that you want network access but only local.

      I was thinking of disabling run on the executables. Can anyone think of another way to do it?

    • #2632609

      Reply To: Block Internet Access

      by surprize_4_u ·

      In reply to Block Internet Access

      Hi,
      Thanx for your lovely Concept.
      I want to ask how to block Client’s Mac Addresses By Using ISA SERVER 2006 which is installed in windows 2003 Server.

      Waiting for your early Response

      Thanx & Regds

      ADIL HANIF

    • #2554034

      Reply To: Block Internet Access

      by zay1967 ·

      In reply to Block Internet Access

      you can use a fake proxy server address, that will prevent internet access but allow intranet access.

      • #2993894

        Internet is blocked, how about only some Intranet sites

        by ddruda ·

        In reply to Reply To: Block Internet Access

        Through the GPO, I use the fake proxy, I tell it to use the proxy for local addresses, and I tell it to bypass the proxy for certain specific local addresses. It will only recognize FQDN’s. If I use just the server name, it fails. For example, http://server.domain.com works. http://server does not.
        Without the GPO in force, either name works successfully.
        Any thoughts what may be happening?

Viewing 8 reply threads