peter_chong
asked on
VPN and Internet Access Conflict
Dear EE members,
I have a proxy server to control end-user internet access. Currently, we have implement a VPN where
it must link to an internet site 'A' to get email. By adding the HQ company 's DNS to point to 'A' , it also
enable the end-user to access internet.
I don't want the end-user to access internet by pointing to 'A'.
I want to point to 'A' and access 'A' only.
It is very confusing..
Any guideline?
Regards,
Peter
I have a proxy server to control end-user internet access. Currently, we have implement a VPN where
it must link to an internet site 'A' to get email. By adding the HQ company 's DNS to point to 'A' , it also
enable the end-user to access internet.
I don't want the end-user to access internet by pointing to 'A'.
I want to point to 'A' and access 'A' only.
It is very confusing..
Any guideline?
Regards,
Peter
ASKER
Dear EE member,
We have wingate proxy server in one machine and a cisco router to A. Where the cisco router is a firewall and vpn purpose.
Regards,
Peter
We have wingate proxy server in one machine and a cisco router to A. Where the cisco router is a firewall and vpn purpose.
Regards,
Peter
Wingate Proxy can be configured with a Deny all and then an exception for the 1 host you are trying to hit.
-or-
Remove the dns settings so that your box will not hit A anymore. THen use a hosts file instead with the single entry for A for resolution.
-or-
Remove the dns settings so that your box will not hit A anymore. THen use a hosts file instead with the single entry for A for resolution.
ASKER
Dear EE members,
If I add an entry to hosts file:
should I use local ip for A site,since it is VPN
or
use internet ip for A site.
If I use internet ip for A site, then the user not authorised for internet access cannot access A.
We have about 50 users in the office, should I manually go to each pc to amend their hosts file?
Any better way?
Any suggestion and futher explaination?
Point added.
TQ.
Regards,
Peter
If I add an entry to hosts file:
should I use local ip for A site,since it is VPN
or
use internet ip for A site.
If I use internet ip for A site, then the user not authorised for internet access cannot access A.
We have about 50 users in the office, should I manually go to each pc to amend their hosts file?
Any better way?
Any suggestion and futher explaination?
Point added.
TQ.
Regards,
Peter
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
What kind of proxy are you running? Also, if I read this correctly, you did not have a local DNS server? You only had a dns entry when you pointed the to hq's DNS?