Subj : MICROSOFT PROXY SERVER To : Lawrence Garvin From : Jay Fuller Date : Mon Dec 02 2002 06:12 pm LG> JF> I've got hostnames and IP addresses for those allowed sites... LG> JF> how do i control access ? LG>Jay, I saw a response to you about using another product, but no response LG>directly to this question. Thanks for the response, Lawrence, I've been extremely behind in my replys due to ongoing projects.... I've made some suggestions to the entity I was researching this for, but we have not made any further progress into the future. I believe for now, it's not really an issue for them (since it became more complicated) LG>The answer is .. as you may well have figured out by now .. you cannot. LG>MS Proxy Server does not have the capability to restrict access by user LG>account. It can restrict by IP network, service, or port. Theoretically you LG>could create dual subnets on the same physical LAN, but that's a complex LG>solution and has ramifications beyond Proxy Server. It also requires a route LG>to be installed on the LAN in order to transport packets between those two LG>subnets. LG>Essentially you'd need to install a second MS Proxy Server, and set the defa LG>gateway on the restricted desktops to the alternate proxy server -- but even LG>that's no guarantee that the users will not 'switch' to the unrestricted pro LG>server. LG>What you really need to do this is a full-blown firewall, and there are doze LG>to choose from. My personal preference for small networks is the GnatBox LG>product (http://www.gta.com). For small networks, the product runs on a LG>diskless P133 with 32MB RAM, and supports a web-based configuration interfac LG>DHCP, DNS, SMTP Proxy, and a number of other services. Thanks for the suggestions and information. Those were some confusing documents on Microsoft's website. :) Later, Jay Fuller ------------------------------------------------------------------------ Internet: jfuller@airnet.net Fidonet Netmail: 1:3613/22 -->> Internet HOMEPAGE: http://www.airnet.net/jfuller <<-- ------------------------------------------------------------------------ * OLX 2.1 TD * "Fire,Mr. Worf!!" --- GEcho 1.00 * Origin: Deep Space Nine BBS - dsnbbs.dyndns.org - 256.734.0818 (1:3613/22) .