Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Web Proxy

Status
Not open for further replies.
Soulless

Soulless

IS-IT--Management
Aug 12, 2003
66
0
0
GB
We have Windows 2000 Small Business Server. We recently installed a web filter, SurfControl.
We have setup so everyone connects to the internet using a proxy server, in this instance the web filter works great.
However if a user were to go into Internet Explorer, Tools->Internet Options ->Connections-> LAN Settings and select Automatically Detect, they can then view any pages they want.
Can I stop them being able to do this or can I route all internet access through the proxy server?
 
Sort by date Sort by votes
This area can be restricted by creating a GPO, and removing access to the connections page within IE control panel.

Mike,
 
Upvote 0 Downvote
This is prob a dumb question but how would I go about doing that?
 
Upvote 0 Downvote
Well, the reason they are able to do that is because your default gateway setting actually exist. A default gateway by definition is the address of the router that allows them to reach 0.0.0.0 which is the internet. Normally this will be your firewall/internet router and if outgoing web services are allowed (http,https) then they will be able to surf the net.

If you have a flat network, that is, where there are no routers required to reach any of your internal servers, then you should point the workstations to a DUMMY (non- existent!) default gateway. This way, they cannot do anything if they disable the proxy. The surfcontrol filter however has to be pointed to the real gateway (as well as your other server like DNs, mail forwarder that need direct access to the internet). This also solves a lot of network slowdown issues when a virus like blaster or sasser hits. When you get hit by these viruses, they immediately look for the default gateway to lauch a denial of service attack against an external target host. Most network admins will set the default gateway to a firewall which also most of the time happens to be their web proxy and reverse proxy, mail filter/forwarder. Guess what happens? The firewall has to carry and filter all that outgoing traffic -- resulting in sloow not downright NONE internet connectivity.

SMSG
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
117
Aquiles Vidal
Aquiles Vidal
DeepuM
  • Locked
  • Question
Web Response returned Web Exception : The underlying connection was closed error | Simphony & QS
Replies
0
Views
78
DeepuM
DeepuM
dpellegrini
  • Locked
  • Question
Website will load using hostname but not IP address
Replies
3
Views
183
mangentle
mangentle
iCDT
  • Locked
  • Question
Remote Desktop Web Access ( No application available)
Replies
2
Views
77
hairlessupportmonkey
hairlessupportmonkey
GriffMG
  • Locked
  • Question
Server 2016 IIS - When opening default web page in Edge (chromium) it downloads rather than opening
Replies
1
Views
77
GriffMG
GriffMG

Part and Inventory Search

Sponsor

Back
Top