Solved

Lockdown proxy settings with group policy, but allow access to Captive Portals

Posted on 2012-04-09
4
1,038 Views
Last Modified: 2012-05-10
Hi All,

I recently started a new company and they allow laptop users unrestricted internet access at home.

I want all traffic to go through out TMG server for content filtering, SPAM, AV etc...


I've locked down the IE proxy settings so it points at our proxy server.  However several users have said they can't access the internet when in hotels.

I dont know if this is true, but I thought the whole idea of captive portals were to redirect everything to the hotels login page regardless of the proxy settings.


Can anyone shed any light on this?
0
Comment
Question by:detox1978
  • 2
  • 2
4 Comments
 
LVL 5

Expert Comment

by:ssujai
Comment Utility
Are you using a name for the proxy server? In that case, the machine will first try to resolve it using the DNS server. When used in a hotel, it would be the hotel DNS server, which will not work because it cant obiviously resolve your internal proxy server name
0
 
LVL 2

Author Comment

by:detox1978
Comment Utility
We are using the local private IP address.

What is the norm for getting around this issue?
0
 
LVL 5

Accepted Solution

by:
ssujai earned 500 total points
Comment Utility
Since it is private IP address, It wont be accessible from a hotel network. Since you have locked down the settings, the IE would try to go through the proxy each time. If wont be feasible to use a lockdown proxy settings, if you intend to allow the users to use the office laptop in public networks.  

Alternately you can advise users to use a different user account, maybe local account in such places if they want to access internet from public places. In that case , however a risk of infection from malicious sources would be there

I guess the best option would be to remove the lockdown ,so that users can use the laptop in in public places. Then you can use a good antivirus to ensure protection in public places

While back in office, users will have to use the proxy anyways to get access to internet. That way you can still maintain all the  protection/monitoring that you wish to implement
0
 
LVL 2

Author Comment

by:detox1978
Comment Utility
ok thanks.

Currently I lock down the proxy settings for all users and have a group that allows members to edit them, but it reapplies every 45 minutes.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Learn about cloud computing and its benefits for small business owners.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now