nasemabdullaa
asked on
network problem
hi
our company have network with below specification (in link)
i have 17 VLAN in my network and 400 point for network and internet and i have DHCP server (windows 2003)
my problem is i do not need to made all user to enter to network i mean now the user connect the cable to socket and work without i know
can i made access list in pix firewall or in router to shutdown the some port in access switch (the port i do not need the user to use it to enter to network)
or must i shutdown the port in all switch from switch itself
and i have other question
how i can prevent the user who enter to data base from enter to internet
thanks
our company have network with below specification (in link)
i have 17 VLAN in my network and 400 point for network and internet and i have DHCP server (windows 2003)
my problem is i do not need to made all user to enter to network i mean now the user connect the cable to socket and work without i know
can i made access list in pix firewall or in router to shutdown the some port in access switch (the port i do not need the user to use it to enter to network)
or must i shutdown the port in all switch from switch itself
and i have other question
how i can prevent the user who enter to data base from enter to internet
thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
hi
thanks for your reply
>>> Second question about database, I'm not clear on what is that you're looking for
i have database server and its connect to the same network therfore all computer connect to it connecting to internet
i want to prevent user from enter to internet but can enter to my domain and database
and about first question is there any way to do that from router or pix
thanks
thanks
thanks for your reply
>>> Second question about database, I'm not clear on what is that you're looking for
i have database server and its connect to the same network therfore all computer connect to it connecting to internet
i want to prevent user from enter to internet but can enter to my domain and database
and about first question is there any way to do that from router or pix
thanks
thanks
Naseem,
I still don't understand, you don't want *a* particular user to access internet?
For the first question, there is no way to introduce it on the router or pix but port security is the only solution if you don't want to shutdown the ports.
Cheers,
Rajesh
I still don't understand, you don't want *a* particular user to access internet?
For the first question, there is no way to introduce it on the router or pix but port security is the only solution if you don't want to shutdown the ports.
Cheers,
Rajesh
ASKER
hi
in my network there is database server and its connect to same network (many user use database to enter doc.) about 100 user this user must connect to server (database but not connect to internet)
and i have about 100 user must be able to enter to database server and to enternet
thanks
in my network there is database server and its connect to same network (many user use database to enter doc.) about 100 user this user must connect to server (database but not connect to internet)
and i have about 100 user must be able to enter to database server and to enternet
thanks
Okay so you want to limit just one user, do this;
1. If possible, do not give him a DNS Server address, instead hardcode it.
2. Or, create a fake proxy address and configure it in his web browser, so that whenever he tries, it will die out.
Cheers,
Rajesh
1. If possible, do not give him a DNS Server address, instead hardcode it.
2. Or, create a fake proxy address and configure it in his web browser, so that whenever he tries, it will die out.
Cheers,
Rajesh
ASKER
hi
i want to block web site from pix
thanks
i want to block web site from pix
thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks
ASKER
sorry i lost the link
https://filedb.experts-exchange.com/incoming/ee-stuff/2882-network-diagram.JPG
thanks