Solved

Lockdown proxy settings with group policy, but allow access to Captive Portals

Posted on 2012-04-09
4
1,081 Views
Last Modified: 2012-05-10
Hi All,

I recently started a new company and they allow laptop users unrestricted internet access at home.

I want all traffic to go through out TMG server for content filtering, SPAM, AV etc...


I've locked down the IE proxy settings so it points at our proxy server.  However several users have said they can't access the internet when in hotels.

I dont know if this is true, but I thought the whole idea of captive portals were to redirect everything to the hotels login page regardless of the proxy settings.


Can anyone shed any light on this?
0
Comment
Question by:detox1978
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 5

Expert Comment

by:ssujai
ID: 37826902
Are you using a name for the proxy server? In that case, the machine will first try to resolve it using the DNS server. When used in a hotel, it would be the hotel DNS server, which will not work because it cant obiviously resolve your internal proxy server name
0
 
LVL 2

Author Comment

by:detox1978
ID: 37896338
We are using the local private IP address.

What is the norm for getting around this issue?
0
 
LVL 5

Accepted Solution

by:
ssujai earned 500 total points
ID: 37896548
Since it is private IP address, It wont be accessible from a hotel network. Since you have locked down the settings, the IE would try to go through the proxy each time. If wont be feasible to use a lockdown proxy settings, if you intend to allow the users to use the office laptop in public networks.  

Alternately you can advise users to use a different user account, maybe local account in such places if they want to access internet from public places. In that case , however a risk of infection from malicious sources would be there

I guess the best option would be to remove the lockdown ,so that users can use the laptop in in public places. Then you can use a good antivirus to ensure protection in public places

While back in office, users will have to use the proxy anyways to get access to internet. That way you can still maintain all the  protection/monitoring that you wish to implement
0
 
LVL 2

Author Comment

by:detox1978
ID: 37896794
ok thanks.

Currently I lock down the proxy settings for all users and have a group that allows members to edit them, but it reapplies every 45 minutes.
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question