RE: Restrict Internet by User
- From: v-jasont@xxxxxxxxxxxxxxxxxxxx (Jason Tan (MSFT))
- Date: Fri, 18 Nov 2005 08:03:01 GMT
Dear Eddy,
Thanks for posting!
I understand that you want to restrict the internet access on the VPN
clients without any Proxy server in Windows 2000 domain. If I have
misunderstood your concerns, please feel fee to let me know.
Based on my experience, I suggest you assign static IP Address for each VPN
user and restrict/Block the IP Address on the basis of Firewall.
You may assign the static IP Address for the VPN users as the following:
1. Run dsa.msc.(Active Directory Users and Computers)
2. Select the VPN user account and Right-Click to select the Properties.
3. Select the Dial-in tab and check the "Assign a Static IP Address". Input
a static IP Address.
You may block the IP Address based on your internal firewall.
Hope the information helps.
Best Regards,
Jason Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: Restrict Internet by User
| thread-index: AcXrmILBtq/DdCOvROe3aNQTxrmKVA==
| X-WBNR-Posting-Host: 68.165.252.66
| From: "=?Utf-8?B?RWRkeSAtIE1DU0U=?=" <Eddy@xxxxxxxxxxxxxxxxx>
| Subject: Restrict Internet by User
| Date: Thu, 17 Nov 2005 09:01:11 -0800
| Lines: 15
| Message-ID: <90390972-060A-43E8-BE00-D17AAA17E2D1@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.win2000.ras_routing
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.win2000.ras_routing:17345
| X-Tomcat-NG: microsoft.public.win2000.ras_routing
|
| Our company would like to restrict internet access on a "by user" basis.
I
| have set up a GPO with a bogus Proxy on an OU and this works fine for LAN
| users. However, VPN clients can still get on when connected to the VPN
(which
| makes sense since the Connection Manager takes over Internet settings).
How
| can I accomplish my goal without purchasing a Proxy server or specialized
| software (we are a not-for-profit organization)?
|
| We are using Windows 2000 Servers and a mix of Win 2k and Win XP clients.
|
| Your help is greatly appreciated.
|
| Thank you,
|
| --
| Eddy - MCSE
|
.
- Follow-Ups:
- RE: Restrict Internet by User
- From: Eddy - MCSE
- RE: Restrict Internet by User
- Prev by Date: Re: Using RAS/VPN Server with ADSL Modem
- Next by Date: Re: Set IP Address for RAS Server when RRAS Service starts
- Previous by thread: Re: Using RAS/VPN Server with ADSL Modem
- Next by thread: RE: Restrict Internet by User
- Index(es):
Relevant Pages
|
