Solved

Disconnect Internet but not LAN

Posted on 2011-02-11
7
759 Views
Last Modified: 2012-05-11
Hello,
We are about to put a public computer out in the productions shop and was wondering if there was a way have it disconnected from the internet but not the LAN. We will be sharing information such as blueprints and safety pdfs on the network for them to view. We do not want them to have access to the internet viewing.

What would be the best way to do this?
I was thinking about just removing Internet Explorer.. Any better ideas?

Thanks!
0
Comment
Question by:MattBamm
7 Comments
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 500 total points
ID: 34872032
Give the machine a fixed IP address and no default gateway.
0
 

Author Comment

by:MattBamm
ID: 34872045
wow, i never thought about that.

That is a great idea.
0
 
LVL 9

Expert Comment

by:sah18
ID: 34872057
Do you have a centralized firewall that this computer passes through?  If yes, your other option would be to assign a static IP to this system (if it doesn't already have one), and block port 80 and 443 access for this particular IP in your firewall rules.

If you do not have a centralized firewall, you may be able to block those same ports from all traffic on any local firewall software you have installed.

Short of using firewall rules, your idea to remove IE is not a bad one (not sure how easy this is to do -- haven't tried to strip that out before).
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 5

Expert Comment

by:delmc
ID: 34872741
You could create a group policy to point IE to a fake proxy server, define the users in a group called restricted IE and this would stop any traffic from going out to the web. Alternatively you could use sah18/ paulmacd's solutions in regards to restricting internet explorer as both would work equally as well.
0
 
LVL 2

Expert Comment

by:Parrish Chamberlain
ID: 34872947
If you have an ISA server you can add the computer names to th edeny access group, alternavley you can create a special group in DHCP and DNS that allows local network but no Internet, customers can still have intranet access to certain internal sites using a combination of the above.

If you do not have any of these servers use an open dns site and add the IP of the computers here to restrict access to www
0
 
LVL 7

Expert Comment

by:fhmc
ID: 34878171
Paulmacd  "Give the machine a fixed IP address and no default gateway. "

I agree w/ Paulmacd's suggestion.  If you employ this solution make sure the user doesn't have admin rights as admin users may modify their route tables...
0
 
LVL 2

Expert Comment

by:-HenryM-
ID: 34883804
you should also consider a group/local policy to block off non-admins from changing the network settings... depending on the user rights - they could potentially populate the default gateway and connect to the internet...
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PC and VOIP network issues 1 62
software license audit 6 67
Joining Domain Issue 4 53
Ricoh 6430DN printer unable to establish Ethernet network connection 12 90
Large and small networks have one same need, Service monitoring. Service monitoring consists of watch services of the several servers in the network. To monitor means that the administrator will receive an alert when a service is down or it's state …
Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question