Solved

Lockdown proxy settings with group policy, but allow access to Captive Portals

Posted on 2012-04-09
4
1,061 Views
Last Modified: 2012-05-10
Hi All,

I recently started a new company and they allow laptop users unrestricted internet access at home.

I want all traffic to go through out TMG server for content filtering, SPAM, AV etc...


I've locked down the IE proxy settings so it points at our proxy server.  However several users have said they can't access the internet when in hotels.

I dont know if this is true, but I thought the whole idea of captive portals were to redirect everything to the hotels login page regardless of the proxy settings.


Can anyone shed any light on this?
0
Comment
Question by:detox1978
  • 2
  • 2
4 Comments
 
LVL 5

Expert Comment

by:ssujai
ID: 37826902
Are you using a name for the proxy server? In that case, the machine will first try to resolve it using the DNS server. When used in a hotel, it would be the hotel DNS server, which will not work because it cant obiviously resolve your internal proxy server name
0
 
LVL 2

Author Comment

by:detox1978
ID: 37896338
We are using the local private IP address.

What is the norm for getting around this issue?
0
 
LVL 5

Accepted Solution

by:
ssujai earned 500 total points
ID: 37896548
Since it is private IP address, It wont be accessible from a hotel network. Since you have locked down the settings, the IE would try to go through the proxy each time. If wont be feasible to use a lockdown proxy settings, if you intend to allow the users to use the office laptop in public networks.  

Alternately you can advise users to use a different user account, maybe local account in such places if they want to access internet from public places. In that case , however a risk of infection from malicious sources would be there

I guess the best option would be to remove the lockdown ,so that users can use the laptop in in public places. Then you can use a good antivirus to ensure protection in public places

While back in office, users will have to use the proxy anyways to get access to internet. That way you can still maintain all the  protection/monitoring that you wish to implement
0
 
LVL 2

Author Comment

by:detox1978
ID: 37896794
ok thanks.

Currently I lock down the proxy settings for all users and have a group that allows members to edit them, but it reapplies every 45 minutes.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
logon script 9 74
GPO on certain users 17 33
Time sync on Domain 5 37
User Account issue 6 37
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question