Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to filter certain workstations or laptops from accessing Internet in WIN 2000 Server?

Posted on 2006-07-11
11
Medium Priority
?
299 Views
Last Modified: 2012-05-05
I have a WIN 2000 Server with ADSL through a lnksys router that my clients have access to the internet.  I want certain PC's and laptop who log unto the server as a user to not have access to the internet.  Or should I do this through the LINKSYS Router?  Any help is appreciated.
0
Comment
Question by:scatcom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 17084620
Do you want to stop anyone who uses certain machines from accessing the internet?
Or certain users on any machines?

If anyone on certain machines then the easiest way is to reserve an IP address in DHCP and then don't set a default gateway for that machine.

If for certain users, then use a group policy to set dummy proxy settings in Internet Explorer.
Will not stop someone using firefox on their machine - if they can install it.

Otherwise you need something where access can be authenticated - a proxy of some kind. I don't think any of the Linksys routers have that capability, so it would have to be a third party product.

Simon.
0
 

Author Comment

by:scatcom
ID: 17085489
DCHP (Server right?) and don't set the default gateway to the router itself? or gateway to the ISP settings?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17085617
If you operating in a domain, then the DHCP server should be a Windows 2000 machine. If you are using a router as the DHCP server then you don't have the control over the DHCP that you need.

Don't set any default gateway - so that the machines only get an IP address, subnet mask and DNS server.

Simon.
0
Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

 

Author Comment

by:scatcom
ID: 17086076
I'll give that a try and see if it works.......
0
 
LVL 12

Expert Comment

by:Einstine98
ID: 17087145
ISA server would be ideal for this kind of job, but i you can afford it
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17087321
if you are going to take the route of not setting a gateway, then block users manually entering one...! 99% of the time the gateway is the .1 address and it doesnt take a genius to know how to insert an address...i like the false proxy idea myself, thats what i use then block them changing it :)
0
 

Author Comment

by:scatcom
ID: 17095500
So do I block the users in the router or in the server?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17095510
via the server with group policy
0
 

Author Comment

by:scatcom
ID: 17095538
Create group policy first and then add users to this policy?  And if so, how do I construct this policy specifically to a false proxy scheme? thanks!!
0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 500 total points
ID: 17095560
create a seperate group policy with this false proxy

User Configuration\Windows Settings\Internet Explorer Maintenance\Connection:

then stop the changes

Administrative Templates\Windows Components\Internet Explorer\Disable changing proxy settings

add this policy to your desired OU and use securitly filtering to get rid of the users you DONT want it applied to

http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Security-Filtering.html
0
 

Author Comment

by:scatcom
ID: 17095574
Thanks everyone....
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface There are many applications where some computing systems need have their system clocks running synchronized within a small margin and eventually need to be in sync with the global time. There are different solutions for this, i.e. the W3…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question