General discussion

Locked

Lock Down Internet Access

By ububbaron ·
I administer a small network, Single SBS 2003 Server and 10 workstations. The network gets internet access through a broadband connection hooked into the server through a second NIC. Pretty basic setup. The domain security locks down everything except the internet connection. If I plug a laptop or PC running most any operating system into one of the network ports, I cannot access domain resources, but I can get right onto the internet without authentication of any type. I'd like to lock that down...is there anyway in SBS 2003 to require domain authentication or some other password protection before allowing access to the internet connection?

This conversation is currently closed to new comments.

12 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by CG IT In reply to Lock Down Internet Access

ISA server which comes with the premium edition of SBS 2003 or you can opt for something like a Sonicwall TZ 170 firewall/symantec 320/360 firewall or a proxy server.

Collapse -

by ububbaron In reply to

Poster rated this answer.
I should have mentioned I have SBS 2003 Standard...I'm looking for a solution within that OS, without purchasing something else.

Collapse -

by sgt_shultz In reply to Lock Down Internet Access

i'll just throw this out on the stoop and see if the cat licks it up...
don't offer dhcp?

Collapse -

by BFilmFan In reply to Lock Down Internet Access

IPSEc is your answer. It is part of the Win2K3 opearating system TCP/IP stack.

Using IPSec you can easily filter who can and cannot reach the Internet. There is a small cost to the server for processign overhead.

IPSEC overview:

http://www.windowsecurity.com/articles/Windows_Server_2003_IPSec_Part1.html

http://www.windowsecurity.com/articles/Windows_Server_2003_IPSec_Part2.html

And a ton of other IPSec articles:

http://www.securitydocs.com/Operating_System/Microsoft/Windows_2003

Collapse -

by ububbaron In reply to

It might be there...I read for a couple hours and didn't see. I am an amateur, hence why I am seeking the assistance. If you can point me a little closer to the specifics of the how-to, I?d be glad to give you the points.

Collapse -

by collignond In reply to Lock Down Internet Access

One option is to use a proxy server.
One that I know of that works well is squid, originally written for linux, there is a windows version. The installation that I saw was on a linux box pulling authentication info from a NDS database. I have played with it a little and it seems to be configurable for ust about any setup you could need.

Collapse -

by ububbaron In reply to

Thanks, but I am looking to do this without adding another piece of software to the mix.

Collapse -

by Fred King In reply to Lock Down Internet Access

You may find your answer here:
The ability to successfully repel an external or internal threat hinges on a tight infrastructure.

http://www.microsoft.com/technet/security/smallbusiness/topics/serversecurity.mspx

I hope that helps...

Collapse -

by ububbaron In reply to

It might be there...I read for a couple hours and didn't see. I am an amateur, hence why I am seeking the assistance. If you can point me a little closer to the specifics of the how-to, I?d be glad to give you the points.

Collapse -

by Sardukkan In reply to Lock Down Internet Access

I know that this is a old post and this solution is not for sites with users with a little bit of Savey... You do each station you want to disable Inet access on and change. Open
Inet explorer / tools / inet option / connections / Check "Use a proxy server" enter a loop back ip 127.0.0.1 and click ok. The PC will not be able to access the internet and it won't affect the local LAN

Back to Networks Forum
12 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums