our isa server setup is
1- i created 3 groups i.e admin,faculty,student on ADS , and add users to their respective groups.
2- then i create site and content rule and protocol rule on isa server.
i.e For i. Admin group=all protocols are allow
ii. Faculty group=all protocols are allow except msn
iii. student group=only http and https protocol are allow
student are use internet only on library ( 3 computers in library) which have following ip addresses.. 10.0.9.1,10.0.9.2 and 10.0.9.3
and in Lab's pc ip configuration are:
10.0.1.1-10.0.1.14 for lab1
10.0.2.1-10.0.2.14 for lab2
10.0.3.1-10.0.3.14 for lab3
10.0.4.1-10.0.4.14 for lab4
bco'z i want users (students) not access internet on lab pc,
i create a deny internt access protocol rule in which i add the above ip address ie
my question or my problem is:
i want others i.e faculty members and admin persons can use internet facility in everywhere including lab pc's. (but due to deny ip address rule , they can not access internet on lanb pc).
how can i configure this:
1- students can access internet only on library . (ipaddress are 10.0.9.1-10.0.9.3).
2-faculty members and admin persons can use internt every where including labs pc.
in some times i need to allow
3- student use internet access on lab pcs for limited time period.
How can i configure all these.