Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Windows Server 2003 AD Internet Access

Status
Not open for further replies.
sweetac

sweetac

IS-IT--Management
Nov 2, 2006
77
US
Hello, I am trying to lock down which users can and cannot access the Internet. I am wondering if there is a way to create a "internet" group and then assign the users who should have access to that group. This is a very small company and I have 2 NICs in the 2003 box and RRAS running. I have RIP v2 configured and currently all users are able to access the net through this box.

I am willing to make any config changes required if this is possible.

Thanks!
 
Sort by date Sort by votes
Get ISA or Linux. Do you run some sort of PIX or ASA
 
Upvote 0 Downvote
There is nothing else configured. I stepped into the current configuration. A Linux solution would definitely be feasable. I am guessing I would need to set up RADIUS for cross-platform authentication? Are there any docs on the net on configuring this setup?
 
Upvote 0 Downvote
A very good, and free, Linux solution is Smoothwall


This can be used as a proxy server and you can use dansguardian for internet content filtering.

You mention that you think you may need to use RADIUS, what requirements are you looking to fill??

Paul
MCSE


"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
Albert Einstein
 
Upvote 0 Downvote
Basically, I need Internet access restricted to particular users on the network based on their AD ID permissions. The company does not want to manage a separate database for these so a 3rd party/platform solution would require some way to determine if the user requesting access is allowed access through some sort of common user data such as RADIUS or other ldap solution.

I was hoping there was a way to control this access with Active Directory through Group Policy management but it appears that ISA Server would be required (surprise, surprise, MS puts this functionality in a separate, very expensive product instead of including it in the already-rediculously priced OS, not to mention the added cost per user!).
 
Upvote 0 Downvote
There is a custom mod for smoothwall that allows for authenticate against active directory called advance proxy


There is another proxy server I've used in the past that offers authenticate against AD but I can't remember what it is called now. In fact there are probably lots of them, do a quick google for them or there is a proxy forum on tek-tips.

Paul
MCSE


"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
Albert Einstein
 
Upvote 0 Downvote
Linux does authenticate with AD using Winbind.
 
Upvote 0 Downvote
Thanks for the help everyone. I am going to repurpose one of the old file servers and install Linux and Smoothwall to try to get this up and running (since its free :)) and Advanced Proxy.

Thanks again!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
684
suncit
suncit
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
521
Aquiles Vidal
Aquiles Vidal
MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
426
MaioMaio
MaioMaio
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
430
antonio_dsanchez
antonio_dsanchez
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
572
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top