Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
669
Views
0
Helpful
1
Replies

Allow access to users who are not domain and have no fixed IP

Go to solution
Ulises Pena Rojas
Level 1
Level 1

‎09-06-2011 09:00 AM

Hello!!

In my company I have a group of people who are visiting

Users need Internet access, domain users are not and will not have a fixed location and who will be moving into the entire network, such as are now in a mansard roof and tomorrow will be elsewhere, and so on.

Taking into account the above need to find ways they can access the Internet, whether or not domain users and without us having to assign a fixed IP.

I have a list of sites you need to enter this list where I add?

Can I use an explicit or implicit proxy?

Thank You Very Much for you support

I have a device with the following features

Model: IronPort S370 (Web Security Apliance)

Transparent Proxy Mode

Is Linked to a Domain

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Ken Stieers
VIP
VIP

‎09-06-2011 09:14 AM

You can still point them at the explicit proxy, even though you're in Transparent Proxy mode.

If you have a limited set of sites that they need, you can create a Custom URL list under "Web Security Manager>Custom URL Categories", then create an identity for that custom URL list that doesn't require authentication under "Web Security Manager>Identities."    One concern there is that your users may be able to hit those sites without being authenticated.

Or you could create a new group in AD called "Visitors", create new users for the visitors, add them to this group. Make this group their default group, remove them from Domain Users.  Now they can uses these credentials to go surfing, but have access to nothing on your network (assuming you don't use "Everyone" for anything on your network).

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Ken Stieers
VIP
VIP

‎09-06-2011 09:14 AM

You can still point them at the explicit proxy, even though you're in Transparent Proxy mode.

If you have a limited set of sites that they need, you can create a Custom URL list under "Web Security Manager>Custom URL Categories", then create an identity for that custom URL list that doesn't require authentication under "Web Security Manager>Identities."    One concern there is that your users may be able to hit those sites without being authenticated.

Or you could create a new group in AD called "Visitors", create new users for the visitors, add them to this group. Make this group their default group, remove them from Domain Users.  Now they can uses these credentials to go surfing, but have access to nothing on your network (assuming you don't use "Everyone" for anything on your network).

0 Helpful
Customers Also Viewed These Support Documents