If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
How to Enforce internet access through proxy setting only
Hi
I am trying to restrict internet access on mobile user (laptop installed with WIN XP, IE) via corporate network only. The mobile users are suppose to connect via the VPN tunnel (client) when they are not in office to the corporate network and access the internet from there only. My concern is how to stop them from accessing internet when they are able to hook up to their ISP when they are not in the office (security issues)? Could anyone advise how this can be achieved by just some settings in Windows? A 3rd party software is not desirable. Thanks in advance for all your advice! asterisks~ |
Ads |
#2
|
|||
|
|||
How to Enforce internet access through proxy setting only
In ,
Asterisks wibbled Hi I am trying to restrict internet access on mobile user (laptop installed with WIN XP, IE) via corporate network only. The mobile users are suppose to connect via the VPN tunnel (client) when they are not in office to the corporate network and access the internet from there only. My concern is how to stop them from accessing internet when they are able to hook up to their ISP when they are not in the office (security issues)? Could anyone advise how this can be achieved by just some settings in Windows? A 3rd party software is not desirable. Thanks in advance for all your advice! asterisks~ Try using the policy editor Start Run type gpedit.msc click OK Group Policy opens Navigate to User configuration Windows Settings Internet Explorer Maintenance Connection In right hand pane open Proxy Settings add your required proxy details then to stop users changing settings within IE navigate to User configuration Administrative Templates Windows Components Internet Explorer right hand pane enable the "Disable changing proxy settings" Help info from that option: "Prevents users from changing proxy settings. If you enable this policy, the proxy settings appear dimmed. These settings are in the Proxy Server area of the Local Area Network (LAN) Settings dialog box, which appears when the user clicks the Connections tab and then clicks the LAN Settings button in the Internet Options dialog box. If you set the "Disable the Connections page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), you do not need to set this policy, because the "Disable the Connections page" policy removes the Connections tab from the interface." Also note other settings in there that you can use to lock down you IE install. -- Steve Parry www.gwynfryn.co.uk |
#3
|
|||
|
|||
How to Enforce internet access through proxy setting only
Hi
Thanks for the advice, I guess I should have mentioned that the proxy setting would be dictated by the automatic configuration script (stated in IE - Internet Option - Connections - LAN settings) which is hosted on a corporate server. I've tried above but it seemed that once IE is unable to locate this file (since it is not accessible by mobile user externally to corporate network), it would ignore this script setting (which is unavailable when user choose to connect to their ISP). Next, IE would try to see if there is a proxy setting defined in IE (hard code IP address). If the proxy address is stated in IE, it would adhere to it, else it would ignore and use the ISP proxy address instead. The hard-coded IP address in IE's proxy setting is less desirable as the automatic configuration script needs to be used (to allow flexibility to change the proxy setting by the administrator). Thus, the above doesn't stop the mobile user from accessing internet via their ISP if the "automatic configuration script" option is required. Could you advise how to resolve this? -- asterisks~ "Steve Parry" wrote: In , Asterisks wibbled Hi I am trying to restrict internet access on mobile user (laptop installed with WIN XP, IE) via corporate network only. The mobile users are suppose to connect via the VPN tunnel (client) when they are not in office to the corporate network and access the internet from there only. My concern is how to stop them from accessing internet when they are able to hook up to their ISP when they are not in the office (security issues)? Could anyone advise how this can be achieved by just some settings in Windows? A 3rd party software is not desirable. Thanks in advance for all your advice! asterisks~ Try using the policy editor Start Run type gpedit.msc click OK Group Policy opens Navigate to User configuration Windows Settings Internet Explorer Maintenance Connection In right hand pane open Proxy Settings add your required proxy details then to stop users changing settings within IE navigate to User configuration Administrative Templates Windows Components Internet Explorer right hand pane enable the "Disable changing proxy settings" Help info from that option: "Prevents users from changing proxy settings. If you enable this policy, the proxy settings appear dimmed. These settings are in the Proxy Server area of the Local Area Network (LAN) Settings dialog box, which appears when the user clicks the Connections tab and then clicks the LAN Settings button in the Internet Options dialog box. If you set the "Disable the Connections page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), you do not need to set this policy, because the "Disable the Connections page" policy removes the Connections tab from the interface." Also note other settings in there that you can use to lock down you IE install. -- Steve Parry www.gwynfryn.co.uk |
Thread Tools | |
Display Modes | |
|
|