Control user access to MSN
Moderator: Qbik Staff
4 posts
• Page 1 of 1
Control user access to MSN
by midnightbomber » Aug 19 04 5:40 am
I am using ver 5.2.3 and WGIC on users systems. I have policies defined on WWW, SOCKS, FTP and POP to allow access only to authenticated users of a particular Windows 2000 user group. I have also redirected WWW and FTP sessions to ensure that these policies are applied. This works well and only authenticated users are able to access the internet or FTP sites. However, MSN is not being affected by these policies. Users who are not able to access the internet for browsing or FTP are able to access MSN with no restrictions. There is no redirect option for SOCKS. How to I apply policies to restrict MSN access only to authenticated users?
- midnightbomber
- Posts: 27
- Joined: Oct 15 03 3:16 am
by erwin » Aug 19 04 9:43 am
Hi there
When you say that MSN is not being restricted do you mean that unauthenticated users can only reach the MSN site and nothing else.
Or are you referring to them using the application MSN Messenger.?
If the unauthenticated users are able to access MSN site (via WWW proxy) then there would probably be nothing stopping them from accessing the Internet at large via WWW . Check that no other system policies are affecting the WWW proxy policy (make sure the default rights (system policies) setting on the front of the Policy window is set to "Are ignored")
If you want to restrict Internet access only for authorized users and your client are using WGIC the you can simply set a Policy that users must be authenticated to use the WRP(Winsock Redirector Protocol) service in WinGate.
As the WRP service is what WGIC uses to communicate all client requests to Wingate restricting access(require authentication) here makes all (WGIC) clients need to be authenticated before ANY form of Internet access can happen.
Regards
Erwin
When you say that MSN is not being restricted do you mean that unauthenticated users can only reach the MSN site and nothing else.
Or are you referring to them using the application MSN Messenger.?
If the unauthenticated users are able to access MSN site (via WWW proxy) then there would probably be nothing stopping them from accessing the Internet at large via WWW . Check that no other system policies are affecting the WWW proxy policy (make sure the default rights (system policies) setting on the front of the Policy window is set to "Are ignored")
If you want to restrict Internet access only for authorized users and your client are using WGIC the you can simply set a Policy that users must be authenticated to use the WRP(Winsock Redirector Protocol) service in WinGate.
As the WRP service is what WGIC uses to communicate all client requests to Wingate restricting access(require authentication) here makes all (WGIC) clients need to be authenticated before ANY form of Internet access can happen.
Regards
Erwin
- erwin
- Qbik Staff
- Posts: 408
- Joined: Sep 03 03 2:54 pm
by midnightbomber » Aug 20 04 4:24 am
Users are being authenticated but unauthenticated users are able to access MSN even though they are unable to access web sites or other internet sites. I considered the WRP policy as an option but I am concerned about othe TCP/IP applications. I have noticed that these applications will stop running or have difficulty accessing network resources if WGIC has problems connecting to the wingate server. This happens even when the applications are listed in the WGIC exception list and given local access rights. I was concerned that restricting access to the WRP would leave some people with no access to any network applications. i will try your suggestion though and see how that works.
- midnightbomber
- Posts: 27
- Joined: Oct 15 03 3:16 am
by midnightbomber » Aug 26 04 5:31 am
I tried your suggestion. It seems to be working. Thanks. Now I just have to contend with Wingate's performance issues.
- midnightbomber
- Posts: 27
- Joined: Oct 15 03 3:16 am
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 64 guests