Solved

Lockdown proxy settings with group policy, but allow access to Captive Portals

Posted on 2012-04-09
4
1,057 Views
Last Modified: 2012-05-10
Hi All,

I recently started a new company and they allow laptop users unrestricted internet access at home.

I want all traffic to go through out TMG server for content filtering, SPAM, AV etc...


I've locked down the IE proxy settings so it points at our proxy server.  However several users have said they can't access the internet when in hotels.

I dont know if this is true, but I thought the whole idea of captive portals were to redirect everything to the hotels login page regardless of the proxy settings.


Can anyone shed any light on this?
0
Comment
Question by:detox1978
  • 2
  • 2
4 Comments
 
LVL 5

Expert Comment

by:ssujai
ID: 37826902
Are you using a name for the proxy server? In that case, the machine will first try to resolve it using the DNS server. When used in a hotel, it would be the hotel DNS server, which will not work because it cant obiviously resolve your internal proxy server name
0
 
LVL 2

Author Comment

by:detox1978
ID: 37896338
We are using the local private IP address.

What is the norm for getting around this issue?
0
 
LVL 5

Accepted Solution

by:
ssujai earned 500 total points
ID: 37896548
Since it is private IP address, It wont be accessible from a hotel network. Since you have locked down the settings, the IE would try to go through the proxy each time. If wont be feasible to use a lockdown proxy settings, if you intend to allow the users to use the office laptop in public networks.  

Alternately you can advise users to use a different user account, maybe local account in such places if they want to access internet from public places. In that case , however a risk of infection from malicious sources would be there

I guess the best option would be to remove the lockdown ,so that users can use the laptop in in public places. Then you can use a good antivirus to ensure protection in public places

While back in office, users will have to use the proxy anyways to get access to internet. That way you can still maintain all the  protection/monitoring that you wish to implement
0
 
LVL 2

Author Comment

by:detox1978
ID: 37896794
ok thanks.

Currently I lock down the proxy settings for all users and have a group that allows members to edit them, but it reapplies every 45 minutes.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question