Default gateway which depends on current user - possible?

Giganews Newsgroups
Subject: Default gateway which depends on current user - possible?
Posted by:  i…@omeganet.de
Date: 4 Feb 2005

Hi folks,

a problem which I wasn't able to solve in a satisfying manner yet:

Let there be a subnet (192.168.10.0/24) with a gateway (192.168.10.250)
which is used by the other machines (Windows 2000 Professional) as
default gateway. But a normal user on the network should have access to
internal resources only, and not to the internet and not to the
gateway; an administrator should have this access.

There are several possible solutions (firewalls and third-party
products etc.), but I would really like to know how to achieve this
with built-in mechanisms of w2k. Therefore, in a naive point of view,
the solution would be: if an administrator logs on the workstation (or
if a service is starting with the administrator account even when
nobody is logged in), the default gateway entry in the network
configuration should be used, and the user or the service should have
access to external resources; if a normal user logs in (or if a service
starts with a normal user account), the default gateway has to be
disabled, and the user or service should have only access to internal
resources.

I have tried to do this with group or system policies and with scripts,
but the principal problem seems to be that all network setting are
machine wide and the same to all processes; I have found no way to give
different network settings to different processes which run at the same
time.

Has anyone already solved this problem?

Thank you very much,

Peter

Replies