Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How can I force users to use proxy server, but still have them be able to a home internet connection on their laptop?

Posted on 2008-10-13
2
Medium Priority
?
670 Views
Last Modified: 2012-05-05
Hello,

We are using ISA server 2006 as a proxy server for our network.  We need to force our users to use the proxy server, however we also need them to be able to connect to the internet using their home internet connections as well.  When we lock the setting in the GPO, they cant change it at home, when we unlock it they can choose to bypass the proxy on the local computer.

I know there has to be a way to enforce the use of the proxy.
0
Comment
Question by:caw01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 22708802
You need a business-class device on the outside of ISA that can be configured with access control lists. You would set the acl's to only accept outbound http/https traffic from the ISA server IP address (and other selected source ip's).

If the users then remove the proxy settings then they would access the gateway using their own source IP and the external device would reject the request.

This is quite a common requirement

Keith
0
 

Author Comment

by:caw01
ID: 22961670
We found other ways to do this such as auto discovery, but applications that are not auto dioscovery aware bypass the proxy.  At the end of the day, we ended up supernetting our network, moving DHCP to the new range and configured out Cisco ASA not to allow HTTP traffic from that range.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question