Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.
Solved
Block Internet Access, Allow Intranet, No Proxy Server
Posted on 2013-01-24
Hello
I'm currently working with a company to change their group policy.
They have a group policy that sets a proxy server address off 0.0.0.0
The GP is then assigned to an OU and any user in that OU gets the proxy address and is therefore unable to access the Internet.
Now, we have a new Intranet system but because the vast majority of users have the above proxy set, they are unable to access the Intranet.
What is the best way of allowing access to the intranet, but still blocking Internet Access?
The company does not have a proxy server
Thanks in advance
I'm currently working with a company to change their group policy.
They have a group policy that sets a proxy server address off 0.0.0.0
The GP is then assigned to an OU and any user in that OU gets the proxy address and is therefore unable to access the Internet.
Now, we have a new Intranet system but because the vast majority of users have the above proxy set, they are unable to access the Intranet.
What is the best way of allowing access to the intranet, but still blocking Internet Access?
The company does not have a proxy server
Thanks in advance
2-
2
- +2
7 Comments
Hello
Fix the GP so everyone have access and from your DHCP server publish only the subnet and DNS server. Do not publish the gateway
Fix the GP so everyone have access and from your DHCP server publish only the subnet and DNS server. Do not publish the gateway
Active 3 days ago
But wouldn't that then block Internet for every user?
For instance the GPO isn't applied to one OU, which contains managers, and they are allowed Internet access
For instance the GPO isn't applied to one OU, which contains managers, and they are allowed Internet access
Active today
If everything including the intranet web server is on the same subnet , and you don;t need to route any IP traffic to other sites, you could set all the client computers to have no default gateway ( or set it to an IP address that doesn't exist). They would still be able to communicate on the local subnet but not beyond.
Then you don't need to set up any proxy server settings.
EDIT - re your comment above: if you want the managers to have different behaviour they would need to have either different IP configuration (such as pointing to a real default gateway) or different browser behaviour ( either them or the other staff pointing to a proxy server address). Depending on how many managers there are, you may be able to set up fixed IP info for them, or maybe a DHCP scope with different options and with reserved IP addresses for these computers.
Or the managers could run a script which adds (manually) an IP route to the internet, pointing at the default gateway.
Then you don't need to set up any proxy server settings.
EDIT - re your comment above: if you want the managers to have different behaviour they would need to have either different IP configuration (such as pointing to a real default gateway) or different browser behaviour ( either them or the other staff pointing to a proxy server address). Depending on how many managers there are, you may be able to set up fixed IP info for them, or maybe a DHCP scope with different options and with reserved IP addresses for these computers.
Or the managers could run a script which adds (manually) an IP route to the internet, pointing at the default gateway.
In addition with my answer aflockhart's suggestion is correct
Further on that the best solution will be a UTM device but with a cost of course...
Further on that the best solution will be a UTM device but with a cost of course...
Featured Post
Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Nuance's PaperPort may display this error message:
PaperPort appears to be running Windows XP Compatibility Mode which may result in errors. We recommend disabling Compatibility Mode for the PaprPort.exe program, see Technote 6629.
This articl…
- Document Management
- Document Imaging
- Printers and Scanners
- Software
- Images and Photos
- Photos / Graphics Software, Windows XP, Windows OS, OCR, *PaperPort
This is a comprehensive review of a bundled Toolkit designed for use by IT Professionals and End Users to help Microsoft Outlook fans manipulate Outlook files and repair some common problems. Enjoy...
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
How to fix incompatible JVM issue while installing Eclipse
While installing Eclipse in windows, got one error like above and unable to proceed with the installation.
This video describes how to successfully install Eclipse.
How to solve incompa…
Suggested Courses
Course of the Month7 days, 10 hours left to enroll
585 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.