|
Posted by Anthony on November 14, 2007, 1:16 pm
Please log in for more thread options
Hi Roger,
I can think of a couple of ways you might do this.
1) Set up a separate web site for those pages, on a different IP address. Do
not allow access to this site from outside the campus.
2) On those pages, require Windows Integrated, Basic+SSL or Digest
authentication, so the authentication details are protected.
Hope that helps,
Anthony, http://www.airdesk.co.uk
> We have a stand alone Windows 2003 server running IIS 6 on a major
> corporate
> network. This computer has a Local Policy configured such that people
> with
> non-corporate ip addresses can only view pages on the web server. ANY
> other
> access to the server is limited to computers with in-house IP addresses on
> the network. This means that off-campus users must VPN into the corporate
> network before they can map drives to the server, make a remote access
> connection to the server or do any other work there.
>
> We have a single web page that runs a simple ASP script, the viewing of
> which we'd like to limit to two on-campus web editors (who belong to a
> already configured, server local group). Initially, we thought about
> setting
> NTFS security on the file, but this then prompts anyone not locally logged
> into the server for a username and password. We obviously don't want
> usernames and passwords traveling outside of the VPN, which is what would
> happen when anyone outside of the VPN connection tries to view this file.
>
> What is the best way to lock down this web page (which again contains a
> "web
> page counter" ASP script) so that only on-campus IP addresses that are
> also
> members of this server local group can access same?
>
> Any advice would be greatly appreciated.
>
> Roger.
>
| 
XML Sitemap