Internet Restriction GPO needs allowance for internal addresses on the LAN.
Posted on 2007-04-03
Running Windows Server 2003/XP environment.
I have a GPO for Internet Access and a GPO for Internet Restriction. Internet Access GPO gets full internet access while Internet Restriction GPO is to get only access to the Intranet and then certain websites such as, Fedex.com and a public address to some Citrix apps. My focus here is on the Internet Restriction GPO.
Since I only have a handful of external addresses, I have been going to User Configuration > Windows Settings > Internet Explorer Maintenance > Connection > Proxy Settings and Enabling Proxy Settings and then putting in the loopback address(127.0.0.1:80) as the Address of Proxy and then under the Exceptions box adding a few sites in there. Also checking the box "Do not use proxy server for local (intranet) addresses."
Still, some of our Intranet web pages do not load. The ones that do not load are running off IIS on other servers on our LAN, would this make a difference?
Also, some of the external sites do not open for them either. I'm not as concerned about that as much as the other internal sites not opening.
Any ideas how I can get other internal addresses to open up for this restricted group? Probably the click of the mouse but I've been looking at this for too long now, I think I fried my brain on this subject.