Hi all,

We run a flat Windows 2003 network at school. We've been running Cachepilot (Version: 5.2.10) for some time now and it works fine (although it can be flaky at times).

However, I've noticed that when we plug in a workstation that is not on our domain, so say a WORKGROUP, it goes straight out onto the Internet and the user is free to browse to any website of their choosing.

This is obviously a huge security concern. I've looked in Cachepilot's Groups and noticed groups named "Anonymous" (Users in this group have an IP source address in a trust group that requires no authentication), "No Profile" (Unrecognised Active Directory users belong to this group), and "open".

I think that Cachepilot is supposed to deny access to any user who isn't authenticating with AD, but its not working. "No profile" is configured with "Web: No Acccess". But to no affect.

I would be grateful if anyone could help me with this matter - additional information is on hand if needed.