How do I block second network connection access

G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

How do I block second network connection access, like if the Laptop already
connected to corporate LAN. If the user tries connecting using dialup
connection to internet or other network, it should not allow him to connect
second network(or internet). Is there any way to block?

Scenario 2:
If the laptop user first connected to Internet using dialup connection then
he is connecting the laptop to Corporate LAN. System should not connect to
local LAN.

At a given point of time the system should use only one connection either
LAN or Dialup.
If user tries it should not connect to second network.
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

There is a GPO that can be set to block network bridging (the merging of 2
networks). The GPO for disabling network bridging is located under AD users
and computers, under the Group Policy Object Editor, then go to
Administrative Template/Network/Network Connections. (This is only for XP
by the way).

This won't keep them from being active on both networks but it will stop
default flow of packets between the 2 networks. You could also use hardware
profiles (if these are laptops) that foce the machine to only use the
docking station connection when docked thus forcing them to use the LAN
connection.
--
Curtis Koenig
Security Support Engineer
Product Support Services, Security Team
MCSE, MCSES, CISSP

This posting is provided "AS IS" with no warranties and confers no rights.
Please reply to the newsgroup so that others may benefit. Thanks!

--------------------
>From: "=?Utf-8?B?QXNob2s=?=" <Ashok@discussions.microsoft.com>
>Subject: How do I block second network connection access
>Date: Fri, 25 Feb 2005 23:41:07 -0800
>
>How do I block second network connection access, like if the Laptop
already
>connected to corporate LAN. If the user tries connecting using dialup
>connection to internet or other network, it should not allow him to
connect
>second network(or internet). Is there any way to block?
>
>Scenario 2:
>If the laptop user first connected to Internet using dialup connection
then
>he is connecting the laptop to Corporate LAN. System should not connect to
>local LAN.
>
>At a given point of time the system should use only one connection either
>LAN or Dialup.
>If user tries it should not connect to second network.
>
>