Hi, I'm currently running 15 machines all nicely lan'ed and each machine can access the internet fine. What I need to do Is block internet access but not file sharing to some of those machines.
I've searched the internet for a few weeks now and can find nothing that helps.

I can block all of them or filter certain url's via 3rd party software but it's not what I want.

Surely someone must have done this?

Any help would be greatly appreciated.

If you have W2k server with ISA server you can do that very nicely. ISA server is the new improved proxy server. That can block some sites or all sites. It's also great for blocking popup ads!

For a small network, you can't beat Small Business Server 2000. It has a bunch of features like.........

W2k server
Exchange server 2000
ISA server
SQL server

I am running Win2k Server edition with Win2k Pro on all the other machines. What is ISA server? An addon or a separate program?

If your using a router you can set access-lists, if you are using RRAS (Win2K server) then you can set up filters in RRAS that will block IP's.

You don't necessarily want to go with ISA ($) if you don't have to.

You don't just want to block IP addresses, that's fine for the machines that you don't want to have any internet access, but it won't work for the one you do want to have file sharing accesses. You need to block ports in their case.

Routers that have Access List Capabilities (Cisco, Nortel, etc.) can block at the port level. If you already have one in your network to the internet then that would be the cheapest way.

The most effective method would be to buy a firewall, what you want is exactly what they are designed for. Then you can control IPs, ports, and applications.

D

ISA server is a firewall / web proxy software. You can download a free eval at MS.