Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Lockdown proxy settings with group policy, but allow access to Captive Portals

Posted on 2012-04-09
4
Medium Priority
?
1,118 Views
Last Modified: 2012-05-10
Hi All,

I recently started a new company and they allow laptop users unrestricted internet access at home.

I want all traffic to go through out TMG server for content filtering, SPAM, AV etc...


I've locked down the IE proxy settings so it points at our proxy server.  However several users have said they can't access the internet when in hotels.

I dont know if this is true, but I thought the whole idea of captive portals were to redirect everything to the hotels login page regardless of the proxy settings.


Can anyone shed any light on this?
0
Comment
Question by:detox1978
  • 2
  • 2
4 Comments
 
LVL 5

Expert Comment

by:ssujai
ID: 37826902
Are you using a name for the proxy server? In that case, the machine will first try to resolve it using the DNS server. When used in a hotel, it would be the hotel DNS server, which will not work because it cant obiviously resolve your internal proxy server name
0
 
LVL 2

Author Comment

by:detox1978
ID: 37896338
We are using the local private IP address.

What is the norm for getting around this issue?
0
 
LVL 5

Accepted Solution

by:
ssujai earned 2000 total points
ID: 37896548
Since it is private IP address, It wont be accessible from a hotel network. Since you have locked down the settings, the IE would try to go through the proxy each time. If wont be feasible to use a lockdown proxy settings, if you intend to allow the users to use the office laptop in public networks.  

Alternately you can advise users to use a different user account, maybe local account in such places if they want to access internet from public places. In that case , however a risk of infection from malicious sources would be there

I guess the best option would be to remove the lockdown ,so that users can use the laptop in in public places. Then you can use a good antivirus to ensure protection in public places

While back in office, users will have to use the proxy anyways to get access to internet. That way you can still maintain all the  protection/monitoring that you wish to implement
0
 
LVL 2

Author Comment

by:detox1978
ID: 37896794
ok thanks.

Currently I lock down the proxy settings for all users and have a group that allows members to edit them, but it reapplies every 45 minutes.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question