Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How can I block some PCs to the Internet ?

Posted on 2008-10-23
12
Medium Priority
?
269 Views
Last Modified: 2013-12-08
My boss is asking me to block some PCs to the Internet but can still get email using POP3.
What's the easy way to do?

Environment :
Server : 1 x Windows 2003 Standard Server
PCs : 10 x PCs XP Professional SP2
PCs software: NAV version 10
Network Media: Standard Cat 5 Cable
Switch : Simple 16 ports 10/100 Mbps switch hub ( Non-management module )
Router : ADSL modem to Internet

0
Comment
Question by:Joe_LAI
12 Comments
 
LVL 1

Expert Comment

by:lk-data
ID: 22784517
You can do it with an IP Security Policy in Group Policy - Computer Configuration | Windows Settings | Security Settings | IP Security Policies. If you've already assigned an IP Security Policy then edit it to include the blocking of port 80 and 443.
0
 

Author Comment

by:Joe_LAI
ID: 22784590
Is it doing on the server ? All PCs are using manually IP address. No using DHCP at router or server.
PCs IP setting:
IP address 10.0.0.100 - 110
Subnet Mask 255.255.255.0
Default Gateway: 10.0.0.1
DNS : 10.0.0.10
Server  IP setting:
IP address 10.0.0.10
Subnet Mask 255.255.255.0
Default Gateway: 10.0.0.1
DNS : 10.0.0.1
0
 
LVL 1

Expert Comment

by:lk-data
ID: 22784738
Are yout PC's in a Domain?

If yes then you do it on the Server, and it will be put on the workstations at logon. Otherwise you have to do it on every local Workstation, then you have to be sure the users can't access the Group policy settings, or they can remake the settings if they know how to do that...

The IP address has nothing to do with this policy.
0
WatchGuard Case Study: NCR

With business operations for thousands of customers largely depending on the internal systems they support, NCR can’t afford to waste time or money on security products that are anything less than exceptional. That’s why they chose WatchGuard.

 

Author Comment

by:Joe_LAI
ID: 22785096
Yes, all PCs are in a Domain.
How to select block PCs to IP Security Policy
0
 

Author Comment

by:Joe_LAI
ID: 22785518
I tried to setup but not working. Any other way to do that ?
0
 
LVL 1

Accepted Solution

by:
lk-data earned 1200 total points
ID: 22785613
I found this site, with some screendumps on:

http://www.petri.co.il/block_web_browsing_with_ipsec.htm

0
 
LVL 1

Assisted Solution

by:lk-data
lk-data earned 1200 total points
ID: 22785650
The same site in the buttom there is this link:

http://www.petri.co.il/configuring_ipsec_policies_through_gpo.htm

This is the way to do it on the server, and let the logon distrubute it to the workstations, when the users logon the domain.

0
 
LVL 4

Assisted Solution

by:smittyboom
smittyboom earned 300 total points
ID: 22787002
Simple way to do it.
Open IE>Internet Options>Connections>LAN Settings>Check Use A Proxy Server>type 0.0.0.0. in the box and check the bypass proxy for local sites.
0
 
LVL 9

Expert Comment

by:Sci-Fi-Si
ID: 22790292
Nice one smittyboom, I like the cut of ya jib ma' boy what can I add to that?

Problem solved
0
 
LVL 1

Expert Comment

by:lk-data
ID: 22790375
That's too easy to undo, and the group policy this is one thing you only have to do once, then all there logon to the domain get this group policy, and can't browse the web.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
The advancement in technology has been a great source of betterment and empowerment for the human race, Nevertheless, this is not to say that technology doesn’t have any problems. We are bombarded with constant distractions, whether as an overload o…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Suggested Courses

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question