General discussion


Block Internet Access

By rway ·
We are currently running Windows 2003 Server. Most clients are running XPpro. Our ISP hosts our web site and our email. I am currently blocking some clients from accessing the Internet using the small router tied to the Internet. I can block their access using the MAC address (but only 20). I also have some clients that are using email but are not allowed to have Internet access. I have unblocked their MAC address from the router and used Group Policy (local) to block certain programs such as IE. We have started using some new software that requires the use of IE. This requires that I must unrestrict the use of IE in Group Policy. For those that need email this will also give them Internet access. My question is, is their a way to block a certain MAC address and port (port 80)combination from accessing the outside world but still allow it to work on the Intranet? Is there a firewall device that will do this?


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by Jacky Howe In reply to Block Internet Access

Techrepublic have a good article on this. It helped me out.

If the above link doesn't work do a search for this.

Learn two ways to disable Internet Explorer

Collapse -

by anil_koushal In reply to Block Internet Access

It will be better to install an IPTABLES based firewall and you will have full freedom to block anything without any limitation. if you have enough money then you may purchase firewall box like watchguard,pix, checkpoint etc.

Collapse -

by sprinkl3s In reply to Block Internet Access

instead of doing this at the firewall level why not use a group policy. make a group policy to change the proxy addresses and set it so that it does not use the proxy address for the intranet sites.

Collapse -

by nayeem In reply to Block Internet Access

You can use ISA server which will solve all your issues without any problems.

Collapse -

by jordanspcrepair In reply to Block Internet Access

You could disable the DHCP client service on the client computers that you don't want on the internet, but still want to be able to use the network. use the services.msc to disable the DHCP client service.

Collapse -

Using GP to restrict internet access

by brad In reply to Block Internet Access

I recently created a Group Policy IP Security Policy which allows restriction of internet access altogether to machines within that OU, but which can also be filtered to simply allow blocking of access to specific DNS hosts.
If anyone still needs and answer tot his issue, please let me know.

Collapse -

Brad - Requesting info on Filtering internet access with GPO

by dlwells1 In reply to Using GP to restrict inte ...

Brad, would really like to get the answer to the issue regarding you Group Policy IP Security Policy allowing internet restrictions.. please reply to

Thank you, Dave

Collapse -

by bissell In reply to Using GP to restrict inte ...

I too would like to see what you did to limit internet access via GP - please send to

Thank You!

Collapse -

Brad Letting you know

by Batman9526 In reply to Using GP to restrict inte ...

Brad, Trying to do this on a network using windows 2003 any help would be great. Contact me at

Collapse -

Info Please

by ckmorgan78 In reply to Using GP to restrict inte ...

I coudl really use thsi information. I have several station that need to be clocked from internet traffic but will still need to be able to use their browser for intranet stuff.

Thnaks in advance.

Related Discussions

Related Forums