Re: Limiting which users have Internet Access

[Benjamin Story <bstory@bullets.net>]

What kind of switches/routers do you have?  I would just assign those
users IP addresses in a certain range and put an ACL on the router to
block them access to the internet.
On Tue, May 04, 2004 at 02:36:13PM -0500, Glenn Tofte wrote:
> I am getting ready to deploy a Linux firewall/content filtering solution
> (IPCop w/ Dansguardian) but I have one final hurdle:  We have some users
> who are not allowed to have Internet access (the exception rather than
> the rule).
> 
> OUR ENVIRONMENT:
> 70 Windows 2000/XP desktops
> Windows 2000 Servers w/ Active Directory
> Currently we are using M$ ISA for Internet accountability, which checks
> against Active Directory to see if the user is a member of the Internet
> Users Group before allowing access.
> 
> WE HAVE TRIED:
> With IPCop I can block by IP address, but not by user.  This doesn't (by
> itself)help  since the computers are shared between
> Internet/Non-Internet users.
> 
> One thought that I had was to give the non-Internet users a null gateway
> so they can access local resources, but not Internet resources.  We have
> been trying to use "netsh" to toggle the gateway settings on the network
> interfaces, but have not had much success.
> 
> Does anyone have any other ideas?
> 
> Thanks!
> 
> Glenn
> __________________
> Glenn W. Tofte
> IDCAG
> Info Systems Admin
> 217-854-4685 
> 
> -
> To unsubscribe, send email to majordomo@luci.org with
> "unsubscribe luci-discuss" in the body.

-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.