RE: Allowing access based on IP address
- From: "bhavani.suresh" <bhavani.suresh@xxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Sat, 1 Feb 2003 13:39:52 +0400
-----Original Message-----
From: bhavani.suresh
Sent: Sat, February 01, 2003 07:22
To: '[ISAserver.org Discussion List]'
Subject: RE: [isalist] Allowing access based on IP address
HI
C this sounds ok. Try to enable autologin on the kiosk pc. and give that user
access to Internet and restrict the timing. This would be like a 'guest' user.
noone would know the password. restrict all program access except IE on that
pc. put antivirus,disable floppy cd and any other virus gateway on that pc.
enable logging on isa and monitor periodically.
-----Original Message-----
From: btm [mailto:bmiyata@xxxxxxxxxxxxxxxxx]
Sent: Sat, February 01, 2003 04:43
To: [ISAserver.org Discussion List]
Subject: [isalist] Allowing access based on IP address
http://www.ISAserver.org
Hello All,
We have an Enterprise ISA SP3, Integrated, in an array, on a W2K SP3. We
have set up rules to allow users out only if they are part of an
authorized NT global group and have "ask unauthenticated users for
identification" enabled on the Outgoing Web Requests. We have configured
all of the browsers to point to the ISA proxy. Authorized users go out
transparantly while unauthorized users are prompted for credentials.
We now have a situation where "guest" terminals (no one signs on to the
domain) need access to the Internet. I have created a Client Address Set
to allow the IP address out but I am still prompted for credentials. I
logged into the domain with an ID that is not part of an authorized global
group and I was able to access the Internet (The situation we have is that
no one will be signing on to that computer). I disabled the "ask
unauthenticated..." and I could access the Internet no matter what which
is not good because we now lost control of who can access the Internet.
Anyone have a solution for this?
Thanks, Brian
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bhavani.suresh@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
DISCLAIMER:
-------------------------------------------------------------------------------------------------------------
Please note that our domain name is changed from adnoc-fod.co.ae to
adnoc-dist.co.ae
Hence change your email addresses accordingly to reflect these changes.
This communication may contain confidential information. If you are not the
intended recipient
please inform us immediately.
For complete disclaimer note please visit our website at:
http://www.adnoc-dist.co.ae/emaildisclaimer.htm
Adnoc Distribution-Tel:02-6771300;Fax:02-6722322;
Email:webmaster@xxxxxxxxxxxxxxxx;Website:http://www.adnoc-dist.co.ae
Other related posts:
