Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How can I block some PCs to the Internet ?

Posted on 2008-10-23
12
Medium Priority
?
270 Views
Last Modified: 2013-12-08
My boss is asking me to block some PCs to the Internet but can still get email using POP3.
What's the easy way to do?

Environment :
Server : 1 x Windows 2003 Standard Server
PCs : 10 x PCs XP Professional SP2
PCs software: NAV version 10
Network Media: Standard Cat 5 Cable
Switch : Simple 16 ports 10/100 Mbps switch hub ( Non-management module )
Router : ADSL modem to Internet

0
Comment
Question by:Joe_LAI
12 Comments
 
LVL 1

Expert Comment

by:lk-data
ID: 22784517
You can do it with an IP Security Policy in Group Policy - Computer Configuration | Windows Settings | Security Settings | IP Security Policies. If you've already assigned an IP Security Policy then edit it to include the blocking of port 80 and 443.
0
 

Author Comment

by:Joe_LAI
ID: 22784590
Is it doing on the server ? All PCs are using manually IP address. No using DHCP at router or server.
PCs IP setting:
IP address 10.0.0.100 - 110
Subnet Mask 255.255.255.0
Default Gateway: 10.0.0.1
DNS : 10.0.0.10
Server  IP setting:
IP address 10.0.0.10
Subnet Mask 255.255.255.0
Default Gateway: 10.0.0.1
DNS : 10.0.0.1
0
 
LVL 1

Expert Comment

by:lk-data
ID: 22784738
Are yout PC's in a Domain?

If yes then you do it on the Server, and it will be put on the workstations at logon. Otherwise you have to do it on every local Workstation, then you have to be sure the users can't access the Group policy settings, or they can remake the settings if they know how to do that...

The IP address has nothing to do with this policy.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:Joe_LAI
ID: 22785096
Yes, all PCs are in a Domain.
How to select block PCs to IP Security Policy
0
 

Author Comment

by:Joe_LAI
ID: 22785518
I tried to setup but not working. Any other way to do that ?
0
 
LVL 1

Accepted Solution

by:
lk-data earned 1200 total points
ID: 22785613
I found this site, with some screendumps on:

http://www.petri.co.il/block_web_browsing_with_ipsec.htm

0
 
LVL 1

Assisted Solution

by:lk-data
lk-data earned 1200 total points
ID: 22785650
The same site in the buttom there is this link:

http://www.petri.co.il/configuring_ipsec_policies_through_gpo.htm

This is the way to do it on the server, and let the logon distrubute it to the workstations, when the users logon the domain.

0
 
LVL 4

Assisted Solution

by:smittyboom
smittyboom earned 300 total points
ID: 22787002
Simple way to do it.
Open IE>Internet Options>Connections>LAN Settings>Check Use A Proxy Server>type 0.0.0.0. in the box and check the bypass proxy for local sites.
0
 
LVL 9

Expert Comment

by:Sci-Fi-Si
ID: 22790292
Nice one smittyboom, I like the cut of ya jib ma' boy what can I add to that?

Problem solved
0
 
LVL 1

Expert Comment

by:lk-data
ID: 22790375
That's too easy to undo, and the group policy this is one thing you only have to do once, then all there logon to the domain get this group policy, and can't browse the web.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
In threads here at EE, each comment has a unique Identifier (ID). It is easy to get the full path for an ID via the right-click context menu. However, we often want to post a short link within a thread rather than the full link. This article shows a…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
In this Experts Exchange video Micro Tutorial, I'm going to show how small business owners who use Google Apps can save money by setting up what is called a catch-all email address in their Gmail accounts. By using the catch-all feature, small busin…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question