Re: Client Lockdown
From: bobroq (bobroq_at_discussions.microsoft.com)
Date: 12/29/04
- Next message: Damian N Leibaschoff [MSFT]: "Re: Roll out application updates?"
- Previous message: dsfseattle: "Re: Can't browse network through vpn connection"
- In reply to: Marina Roos [SBS-MVP]: "Re: Client Lockdown"
- Next in thread: bobroq: "Re: Client Lockdown"
- Reply: bobroq: "Re: Client Lockdown"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 29 Dec 2004 11:43:03 -0800
Thank you very much for your reply...
Just to clairify:
During the install two network connections were made for me
Server Local Area Connection
Network Connection
How exactly do I specify the Default Gateway for my clients. I have DHCP
setup on the server so they are obtaining that value when I do an ipconfig
/renew.
Thank you again
Bob.
"Marina Roos [SBS-MVP]" wrote:
> Hi Bob,
>
> DNS on the server nic should ** only ** point to the server IP.
> The clients have a totally wrong gateway, so that is the reason they are not
> able at all to browse the internet.
>
> --
> Regards,
>
> Marina
> Microsoft SBS-MVP
> One of the Magical M&M's
>
> "bobroq" <bobroq@discussions.microsoft.com> schreef in bericht
> news:13C00688-EB3F-4F8A-B1D9-8AAD7038F04A@microsoft.com...
> > Server:
> > Windows IP Configuration
> >
> > Host Name . . . . . . . . . . . . : zeus
> > Primary Dns Suffix . . . . . . . : CertifiedGrinding.local
> > Node Type . . . . . . . . . . . . : Unknown
> > IP Routing Enabled. . . . . . . . : Yes
> > WINS Proxy Enabled. . . . . . . . : Yes
> > DNS Suffix Search List. . . . . . : CertifiedGrinding.local
> >
> > Ethernet adapter Server Local Area Connection:
> >
> > Connection-specific DNS Suffix . :
> > Description . . . . . . . . . . . : SMC EZ Card 10/100 PCI (SMC1211TX)
> > Physical Address. . . . . . . . . : 00-10-B5-9D-8B-37
> > DHCP Enabled. . . . . . . . . . . : No
> > IP Address. . . . . . . . . . . . : 192.168.1.101
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Default Gateway . . . . . . . . . :
> > DNS Servers . . . . . . . . . . . : 64.65.208.6
> > 64.64.196.6
> > Primary WINS Server . . . . . . . : 192.168.1.101
> >
> > Ethernet adapter Network Connection:
> >
> > Connection-specific DNS Suffix . :
> > Description . . . . . . . . . . . : SiS 900-Based PCI Fast Ethernet
> Adapter
> > Physical Address. . . . . . . . . : 00-E0-06-09-55-66
> > DHCP Enabled. . . . . . . . . . . : No
> > IP Address. . . . . . . . . . . . : 192.168.4.101
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Default Gateway . . . . . . . . . : 192.168.4.1
> > DNS Servers . . . . . . . . . . . : 192.168.1.101
> > NetBIOS over Tcpip. . . . . . . . : Disabled
> >
> > Client:
> > Windows 2000 IP Configuration
> >
> > Host Name . . . . . . . . . . . . : apollo
> > Primary DNS Suffix . . . . . . . : CertifiedGrinding.local
> > Node Type . . . . . . . . . . . . : Hybrid
> > IP Routing Enabled. . . . . . . . : No
> > WINS Proxy Enabled. . . . . . . . : No
> > DNS Suffix Search List. . . . . . : CertifiedGrinding.local
> >
> > Ethernet adapter Local Area Connection:
> >
> > Connection-specific DNS Suffix . : CertifiedGrinding.local
> > Description . . . . . . . . . . . : SiS 900 PCI Fast Ethernet
> Adapter
> > Physical Address. . . . . . . . . : 00-0C-6E-2C-72-E5
> > DHCP Enabled. . . . . . . . . . . : Yes
> > Autoconfiguration Enabled . . . . : Yes
> > IP Address. . . . . . . . . . . . : 192.168.1.10
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Default Gateway . . . . . . . . . : 192.168.1.1
> > DHCP Server . . . . . . . . . . . : 192.168.1.101
> > DNS Servers . . . . . . . . . . . : 192.168.1.101
> > Primary WINS Server . . . . . . . : 192.168.1.101
> > Lease Obtained. . . . . . . . . . : Tuesday, December 28, 2004
> > 11:15:02 AM
> > Lease Expires . . . . . . . . . . : Wednesday, January 05, 2005
> > 11:15:02 AM
> >
> > Thank you again for your help
> >
> >
> > "Frank McCallister SBS MVP" wrote:
> >
> > > Hi Bob
> > >
> > > Post your IPCONFIG /ALL from server and one WS
> > >
> > > --
> > > Frank McCallister SBS MVP
> > > COMPUMAC
> > > "bobroq" <bobroq@discussions.microsoft.com> wrote in message
> > > news:53A178B0-48E4-4D3D-ACEC-31DD6DFBAC00@microsoft.com...
> > > > haha... I kept on telling the other guy at work who is helping me work
> on
> > > > this that the ISA server was working perfectly (since we can't get to
> any
> > > > external websites) or we set something up wrong.
> > > >
> > > > Tomorrow when I go in I will double check to see if we installed the
> ISA
> > > > server (sounds like we didn't)
> > > >
> > > > I guess that leads me to another question then... what could I have
> > > > configured wrong that would prevent me from accessing the outside from
> my
> > > > client machines... My server can reach the internet without a problem.
> > > >
> > > > Thank you for your help.
> > > > Bob.
> > > >
> > > > "Frank McCallister SBS MVP" wrote:
> > > >
> > > >> Hi Bob
> > > >>
> > > >> Did you separately Install ISA from the Premium Technologies CD
> > > >> folllowing
> > > >> the instructions in the document on the root of that CD? Under Start
> All
> > > >> Programs it will be Listed under Microsoft ISA Server
> > > >>
> > > >> --
> > > >> Frank McCallister SBS MVP
> > > >> COMPUMAC
> > > >> "bobroq" <bobroq@discussions.microsoft.com> wrote in message
> > > >> news:D26AD5DB-1156-4673-8397-2F95FD65EE68@microsoft.com...
> > > >> >I was hoping that someone could shed some light on a configuration
> issue
> > > >> >I
> > > >> >am
> > > >> > having with my Server. One of the things that I really I was
> really
> > > >> > hoping
> > > >> > to do when I switched to SBS was really limit what users can do
> with
> > > >> > their
> > > >> > client computers.
> > > >> >
> > > >> > Specificly I wanted to:
> > > >> > Deny their ability to browse the internet
> > > >> > Deny their ability to install their own programs
> > > >> > Deny their ability to write to any directory besides their my
> documents
> > > >> > folder or desktop
> > > >> >
> > > >> > I must have done something really wrong when I configured the user
> > > >> > accounts
> > > >> > because at this current point in time they all log into the client
> > > >> > machines
> > > >> > with administrator privilages. (I really do not understand why
> because
> > > >> > I
> > > >> > created the accounts with the lowest amount of privilages - using
> the
> > > >> > to
> > > >> > do
> > > >> > list add users screen)
> > > >> >
> > > >> > I started reading about group policy objects and I realize that
> these
> > > >> > might
> > > >> > be able to help me with limit what folders they can and cannot
> write
> > > >> > to.
> > > >> > I
> > > >> > was wondering if anyone had any suggestions on exacty what policies
> I
> > > >> > can
> > > >> > set
> > > >> > to obtain my goals.
> > > >> >
> > > >> > I purchased the SBS Premium to get the ISA server 2000. This has
> > > >> > worked
> > > >> > great to stop my users from browsing the internet, however I would
> like
> > > >> > to
> > > >> > add one or two sites that they are allowed to go to. When I went
> to do
> > > >> > this
> > > >> > today I realized that I can not (for the life of me) find the ISA
> > > >> > managment
> > > >> > console. I know that this should be in Start->all programs->ISA
> ....
> > > >> > However
> > > >> > their is no ISA ... entry in my all programs menu?!
> > > >> >
> > > >> > Thank you very much for any help you can offer
> > > >> > Bob.
> > > >>
> > > >>
> > > >>
> > >
> > >
> > >
>
>
>
- Next message: Damian N Leibaschoff [MSFT]: "Re: Roll out application updates?"
- Previous message: dsfseattle: "Re: Can't browse network through vpn connection"
- In reply to: Marina Roos [SBS-MVP]: "Re: Client Lockdown"
- Next in thread: bobroq: "Re: Client Lockdown"
- Reply: bobroq: "Re: Client Lockdown"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
