How can I block web access?
I need to block internet access, but allow access to the intranet. I don't have the option to block port 80 and run the intranet servers on another port. I basically need something to run on local machines, be it a script, program, or setting, which will not allow access to the internet.
Comments
-
ajs1976
Member Posts: 1,945 ■■■■□□□□□□
If they are only access one LAN, remove the Default gateway address from the client PCs.
Depending on the type of router you are using, you could set up an ACL.Andy
2020 Goals: 0 of 2 courses complete, 0 of 2 exams complete -
/usr
Member Posts: 1,768
The DHCP server is going to give out the address unless it's configured not to. Some clients need access, others don't. Going that route leaves people who need access out of luck unless they stay away from the DHCP server and are given a static ip. -
wildfire
Member Posts: 654
Need more info really youve not said what client people are using xp pro/2000 etc? do they access through a proxy server? broadband router? if so what type? or other router?Looking for CCIE lab study partnerts, in the UK or Online.
-
/usr
Member Posts: 1,768
I need a way to disable this at the local level. The machine they are working on.
Running a combination of NT/2000 machines. -
BeachTech_
Member Posts: 12 ■□□□□□□□□□
We have a user here that had his internet privledge revoked after he visited some "hot" sites (read "****"). He only needed to access one website...the corporate website. So I put in a bogus IP address for the DNS server, then put in the IP address as the IE Homepage (http://192.168.x.x).
Now, if you need them to be able us use FQDN for the Intranet, what about pointing to a bogus DNS and creating a static HOST file on the client's machine? If it is an intranet, you shouldn't have too many entries in this table. -
big boi
Member Posts: 10 ■□□□□□□□□□
any proxy server should be able to do this. squid. symantec web security. etc.
