Solved

How can I force users to use proxy server, but still have them be able to a home internet connection on their laptop?

Posted on 2008-10-13
2
621 Views
Last Modified: 2012-05-05
Hello,

We are using ISA server 2006 as a proxy server for our network.  We need to force our users to use the proxy server, however we also need them to be able to connect to the internet using their home internet connections as well.  When we lock the setting in the GPO, they cant change it at home, when we unlock it they can choose to bypass the proxy on the local computer.

I know there has to be a way to enforce the use of the proxy.
0
Comment
Question by:caw01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 22708802
You need a business-class device on the outside of ISA that can be configured with access control lists. You would set the acl's to only accept outbound http/https traffic from the ISA server IP address (and other selected source ip's).

If the users then remove the proxy settings then they would access the gateway using their own source IP and the external device would reject the request.

This is quite a common requirement

Keith
0
 

Author Comment

by:caw01
ID: 22961670
We found other ways to do this such as auto discovery, but applications that are not auto dioscovery aware bypass the proxy.  At the end of the day, we ended up supernetting our network, moving DHCP to the new range and configured out Cisco ASA not to allow HTTP traffic from that range.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to migrate from 2003 SBS to 2012 R2 as DC? 1 72
Auslogics BoostSpeed 9 software 5 90
why user can't see mapped share folder 8 63
Cannot take ownership of a folder 8 81
This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question