Home
Monday, November 20, 2017
6:32:17 PM
Users online: 0   You are here >> Home > Networking

Forums | Networking Forums search
Forum FAQ
   
  1  
Internet Proxy/Filtering/Management
freakonaleash 
8/9/08 3:48:08 PM
Champion

hey all

So i am back with this one and was wondering if i could please get some fresh ideas.
What we would like to do at work is implement a system of some sort that we can use to manage, monitor and restrict internet usage throughout the company (like a proxy).
there are a few items that prevent me from just throwing in a proxy server:
1. my manager wants to keep the domain contorller as the DNS server
2. my manager doesn't want to have multiple IP ranges
3. we have a hardware based VPN that he would like to keep. the system needs to be able to cope with that.

I can set up so every-uses a proxy with squid, but i would like something a little more idiot proof so that people can't bypass it to easily.

Is anyone able to provide some suggestions/assistance with this?

Any OS, anything that works

Thanks
Stephen

-----
PC1: Q6600 | P35-DS3P | 2gb Ram | 7900GT | 320+320+320+160gb | 22" Viewsonic
PC2: AXP2800+ | Kt4 Ultra | 512m Ram | 6600Gt | 40gb
Laptop: T9300 (2.5ghz) | 4gb Ram | 200gb 7200RPM Sata | 512mb 8800m GTX | 17" (1920x 1200) | Full Size KB

wilsontc 
8/9/08 4:30:14 PM
Guru

How are your users by passing squid? Why not just set up squid to authenticate against AD?

Squid is almost always a good option.

Edit: When you say less idiot proof, I seriously hope you don't mean that you would specify the proxy in Internet Explorer network options, because there are much better ways to configure machines to use a proxy.


Edited by wilsontc: 8/9/2008 04:32:22 PM

-----
Quote by Fragasaurus
Animals have only one right, the right to be delicious...



freakonaleash 
8/9/08 6:29:05 PM
Champion

yea.. hence me asking on here..

The initial plan was an invisible squid proxy, but i am not confident enough to get the VPN to work properly, and i could only get it to work with seperate IP ranges.

My netowkr isn't up to scratch enough to be able to get it to work so that the DNS, AD, VPN and Proxy all play nice...

-----
PC1: Q6600 | P35-DS3P | 2gb Ram | 7900GT | 320+320+320+160gb | 22" Viewsonic
PC2: AXP2800+ | Kt4 Ultra | 512m Ram | 6600Gt | 40gb
Laptop: T9300 (2.5ghz) | 4gb Ram | 200gb 7200RPM Sata | 512mb 8800m GTX | 17" (1920x 1200) | Full Size KB

Thom0 
8/9/08 9:56:07 PM
Champion

ISA Server 2006

-----

freakonaleash 
8/9/08 10:53:15 PM
Champion

whats the cost with ISA Server though?

-----
PC1: Q6600 | P35-DS3P | 2gb Ram | 7900GT | 320+320+320+160gb | 22" Viewsonic
PC2: AXP2800+ | Kt4 Ultra | 512m Ram | 6600Gt | 40gb
Laptop: T9300 (2.5ghz) | 4gb Ram | 200gb 7200RPM Sata | 512mb 8800m GTX | 17" (1920x 1200) | Full Size KB

eckythump 
9/9/08 4:04:04 AM
Champion

How about you actually describe your network layout a bit better and then we might be able to give you some real advice.

And your manager sounds like a typical manger when it comes to IT related things: A dickhead.

Transparent proxying using a linux or BSD machine is fairly trivial.

But yeah, describe your network layout, and give details as to what system(s) are doing what, namely the VPN management, etc.

-----
My mind is a swirling miasma of scintillating thoughts and turgid ideas.

freakonaleash 
9/9/08 3:34:07 PM
Champion

Ok, so the best of my knowledge...

We run the range on 192.168.1.x for everything. The domain controller is sitting on .2 and the Router is on .5. The modem is just a bridged device and the modem is a Billion Bigaurd 30.

The VPN is just managed through that. users dial in and can acces their shares and their emails. not sure what else you would like about the VPN management.

The network is a very basic layout with it running simething like:
 
{adsl modem} - {router} - {switch} - {rest of network}

if that makes sense. there is nothing special and i am unsure as to what can be done to assist.

He would be happy with a linux/bsd solution but i have only been able to get it to work properly by changing the iprange on the modem side of things. i wasn't able to get it to work with the cards being the same ip range.

As its a new thing i am open to suggestions and i *should* be able to sway him round to most things if i can proove it will work.

-----
PC1: Q6600 | P35-DS3P | 2gb Ram | 7900GT | 320+320+320+160gb | 22" Viewsonic
PC2: AXP2800+ | Kt4 Ultra | 512m Ram | 6600Gt | 40gb
Laptop: T9300 (2.5ghz) | 4gb Ram | 200gb 7200RPM Sata | 512mb 8800m GTX | 17" (1920x 1200) | Full Size KB

  1  
Forums | Networking