Solved

network blocking

Posted on 2014-04-17
7
211 Views
Last Modified: 2014-04-25
at work, the network people have things setup so that to access the internet through IE or Firefox, you have to be authenticated to the network by joining your computer to the domain, and logging in with an authenticated user's account.
we need to have a computer that is a message board and need it to run the messages all the time.  I can see our OU's with a description of policies like log off time, and lock times, and none of the OU's have what we need.
In a different environment, I would just create an OU and set the policies to meet our needs. However, In my environment, it's a huge chore to have something like this done, and I can't create OU's and don't have access to make policies.
So I thought I could setup a win7 pc, and not join the domain, so that we don't have to contend with a bunch of policies, this works, however, the message board has a feature to stream things like stocks, or show the current temperature - which should be blocked. however i noticed that i can ping www.yahoo.com, but can't go there through IE for example.
So I thought this would mean that internet traffic is blocked at the upper end of the network layer but not at a lower layer. if that is correct, would there be a way to have the RSS feed of the stocks still work?
0
Comment
Question by:JeffBeall
7 Comments
 
LVL 17

Expert Comment

by:bigeven2002
ID: 40007297
Hello,
This may be a shot in the dark, but if you join the win7 PC to domain, you can still log into it as local user which should skip group policy.  Then run IE as a domain admin by right clicking the icon and choose run as different user, then enter the domain user credentials.
0
 
LVL 10

Assisted Solution

by:tmoore1962
tmoore1962 earned 167 total points
ID: 40007304
If it uses IE explorer you could try installing ad block plus from ad block plus.org
0
 
LVL 17

Expert Comment

by:bigeven2002
ID: 40007307
Sorry I meant domain user, not domain admin.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 17

Assisted Solution

by:bigeven2002
bigeven2002 earned 166 total points
ID: 40007318
Also, in regard to your RSS feed, I believe most go through port 80 which is standard but some communicate through port 7780 as well.  So on your Cisco firewall, outbound communication should be allowed for both ports, which it sounds like it already is given that domain users can access.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 167 total points
ID: 40007607
You are able to have non-domain joined PC's access the web, but only domain joined PC's get blocked? Do you have to provide credentials to get through the proxies when not domain joined?

If they use WCCP then RSS and html/xml in general (no matter what port) can be captured and processed by the proxy. WCCP works by looking at the traffic itself, and NOT based solely on port#
http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html#wp1000955

No matter what you need to work within your companies policies and chain of command. We cannot help you setup rogue and potentially unauthorized services. You need to escalate your requests and get proper approvals.
We all have the same kinds of head-aches, they exist in all companies I've been to.
-rich
0
 
LVL 1

Author Closing Comment

by:JeffBeall
ID: 40023318
I wasn't trying to get around security for malicious reasons. I just need a pc that will run an employee information power point.
Anyhow, thank you for the help.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ASA 5520 problem with Failover in Active/Standby 8 64
capture pcap with filtered traffic 1 61
windows explorer default details view 10 56
Password recovery software 4 25
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question