RE: How to implementAccess control for internal client base on host name
- From: "Joseph" <cismic@xxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 23 Jan 2002 14:57:53 -0800
ISA allows you to setup destination sets based on Client access.
At least in my case I'm using back to back with out the 3rd NIC card.
With out the public address in the DMZ I'm using private address in the
DMZ.
Now when the internal network access's the out side world the users
connect to The internal network via AD. With active directory I would
create a new
Group called something like this "BLOCKACCESS" Then add those users
that
You want to block access for. Then create a new Site and content rule
That points to "BLOCKACCESS" group. You can also create client
destination
Sets and experiment with other rules to be used in conjunction with the
above.
Joseph
-----Original Message-----
From: Carson Tu [mailto:ctu@xxxxxxxxxxxx]
Sent: Wednesday, January 23, 2002 2:33 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] How to implementAccess control for internal client
base on host name
http://www.ISAserver.org
Hi, All:
I need to block some internal clients from access internet. I can setup
packet filter for those workstations base on their IP. But the problem
is, those internal client are DHCP clients. So that block them by their
DNS name is a better idea. But I could not find a way to block them by
using DNS name (or NetBIOS name).
Another problem is, I need to block 6 internal client. These 6 desktop
cannot be descript by a IP arrange without affect the others. (For
example: If I block 192.168.2.111 - 192.168.2.150, 40 machines affected
instead of 6) Is there anyway I can setup a client set by each
individual IP or hostname? I don't want to setup client set for each
machine.
Need help. Thanks in advance.
Carson Tu
Network Administrator
Marketrx.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cismic@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
