OT: General networking problem

Hi,

I have a general networking problem which maybe someone can help me with, the scenario is this. We have implemented a 3rd DNS filtering service which we use to block non-work related web browsing - our DNS servers are on our internal LAN (Windows server 2000) which resolve local names but the forwarders go to opendns where content is filtered as per our rules.

The MD of the company is now insisting that he be exempt from this filtering, so we have the problem that if we change his DNS settings to external DNS servers he will not be able to resolve any internal names. One obvious solution would be to give him 2 PCs, one for web browsing only with external DNS servers & one for internal use but I don't think that would wash. Another solution I have considered would be to give him 2 NICs one with internal DNS & one with external DNS & somehow configure the browser to use the one NIC for web browsing & the other one for internal use but I don't know how I could do this? The PC is running Windows XP prof, SP2 - if anyone has any thoughts I'd be interested to hear them?

TIA, Jase

Reply to
Jason

Put another internal DNS server that does not resolve externally to opendns.com. Allow it to pull data from your main internal DNS server as a secondary slave. Point the MD's DNS service to that new box.

Reply to
Artie Lange
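
The second-server approach suggested above, sketched as an added example that is not part of the original thread. It uses BIND's `named.conf` as an assumption, since the thread does not say what software the new box would run; the zone name, all addresses and the file paths are placeholders, and the `allow-query` restriction is an addition so that only the exempt workstation can use the unfiltered resolver.

```conf
// named.conf for the second, unfiltered internal DNS server (added example).
// All names and addresses below are placeholders, not values from the thread.

// Only the exempt workstation may query this server; without this, any
// user who learns the server's address could point at it and bypass filtering.
acl "exempt-clients" {
    10.0.0.50;            // placeholder: the MD's PC (give it a fixed address)
};

options {
    directory "/var/named";
    recursion yes;
    allow-query     { exempt-clients; };
    allow-recursion { exempt-clients; };

    // External names go to an unfiltered upstream resolver instead of OpenDNS.
    forwarders { 198.51.100.53; };   // placeholder: ISP or other unfiltered resolver
    forward only;
};

// Internal names are served from a read-only copy of the main server's zone,
// so internal hosts still resolve for the MD.
zone "corp.example" {                 // placeholder: the internal DNS zone name
    type slave;
    masters { 10.0.0.10; };           // placeholder: existing internal DNS server
    file "slaves/corp.example.db";
};
```

The existing internal DNS server must permit zone transfers to the new server's address for the secondary zone to load.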

Jas> Hi,

A thought.....

OpenDNS states:

"Filtering by Department

OpenDNS makes it easy to implement different filtering levels for different networks within your organization. Set up more restrictive filtering for some departments, and less restrictive filtering for others. It's as easy as adding the network and checking a box."

Give him his open department/settings at opendns? IDK, I haven't used any of their solutions, sounds like it might work?

Reply to
scottp2626

Ha MDs like to do that - just because they can.

If you go the 2 NIC path you can configure specific routes on XP using the "route add" command at the command prompt. Point internal routes to the appropriate NIC and a default route to the other.

"route ?" will show you all the options.

Hmm, I'm not sure if the route will stick if the PC reboots though - you may have to write a batch/script file to always set the routes at startup.

Aubrey

Reply to
Aubrey Adams

Routing will not solve this. The PC still has to point at one DNS or the other. If it goes to the solution they have now, the MD can't surf openly. If they point to a public DNS, it won't resolve internal hosts. You could put in a host file for local (manual updates of course), and point him/her to the public DNS... but I think using your service provider to solve it is probably a better option.

Reply to
Trendkill

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.