Prevent Anonymous Access

[Andy Sheley]

I have a Windows 2000 domain setup and has NAT running on
it. How can I prevent anonymous users(users who havn't
signed on to the domain) from using the NAT services on
the domain server. Currently if a computer boots up on
the network without logging on to the domain, they can
still use the internet. I want to make it so only users
that have logged in can use the internet connection
through NAT on the server. Ideas?

 

[Steven L Umbach]

About the only thing that could be done is to not allow users to have local
machine accounts so that they are forced to log onto the domain to gain access
to the computer. Of course that would mean that they could not have
administrator rights on the local machine. If you are having a problem with
users attaching unauthorized computers to "your" network, then I suggest you
institute a strict network user policy and enforce it. --- Steve

 

[Keith Langmead]

If you set up one of your servers on the internet border as a proxy, set the
proxy to require the user to be logged in to the domain, and make the only
route available to the internet for the users to be via the proxy, then
anyone who is not logged into the domain will not be able to access the web.

Keith (at least I think that'll work)