Microsoft Windows XP Networking Inside Out
.pdf
6 Chapter
138
Part 2: Internet Networking
flexibility gives you a number of networking options so that Internet Explorer can meet your connectivity needs. To configure Internet Explorer to work with the existing connection(s) on your computer, use the Connections tab located in the Internet Options dialog box. In Internet Explorer, choose Tools, Options, and click the Connections tab, which is shown in Figure 6-1. On this tab, you can manage dial-up and virtual private network (VPN) settings as well as LAN settings. This section explores the options and features provided on the Connections tab.
Internet Explorer works with the Internet or intranet connections that you have created on your computer in Network Connections. To learn more about creating Internet and intranet connections, see Chapter 4, “Configuring Internet Connections.”
Figure 6-1. The Connections tab provides a single location to configure the Internet connection(s) Internet Explorer should use.
Using Other Web Browsers with Windows XP
If Internet Explorer was installed as the default Web browser when you installed Windows XP, you are not required to use it. You can install another browser and use it in addition to Internet Explorer or instead of Internet Explorer. If you don’t want to use Internet Explorer, you can remove the Internet Explorer icons and shortcuts by following these steps:
1Choose Start, Control Panel, and then open Add Or Remove Programs.
2Click the Add/Remove Windows Components button.
3On the Windows Components page of the Windows Components Wizard, shown in Figure 6-2, clear the check box next to Internet Explorer, and then click Next.
2: Internet Networking
Chapter 6: Using Internet Explorer Advanced Features
InsideOut (continued)
Figure 6-2. Clear the Internet Explorer check box to remove Internet Explorer icons and shortcuts.
4 Windows XP configures the change. Click Finish to close the wizard.
Note that you can also remove MSN Explorer in the same way: Just clear the MSN Explorer check box on the Windows Components page to remove it.
Dial-up and Virtual Private Network Connections
The Dial-Up And Virtual Private Network Settings section of the Connections tab provides you with dial-up and VPN settings for Internet Explorer. Keep in mind that Internet Explorer simply uses the dial-up and VPN connections you’ve already created in the Network Connections folder. If you have not yet created the Internet connection, you can click the Setup button on the Connections tab to open the New Connection Wizard. This is the same wizard you would use in Network Connections to set up a new Internet connection. Like all connections, the new connection you create will appear in the Network Connections folder and will be available for Internet Explorer to use.
Another way to create a new dial-up or VPN connection is to click the Add button. This button opens the New Connection Wizard and takes you to the Type Of Connection page. You can then create a new dial-up or VPN connection by following these steps:
1On the Type Of Connection page, select the type of connection that you want to add, such as Dial-Up To Private Network or Connect To A Private Network Through The Internet, as shown in Figure 6-3 on the next page. Click Next.
139
Chapter 6
2: Internet Networking
Part 2: Internet Networking
6 Chapter
140
Figure 6-3. Choose the type of new connection that you want to create.
2Depending on the type of connection you choose to create, the wizard will ask you for appropriate information, such as a phone number for a modem connection or whether to automatically dial a VPN connection. Supply the requested information and click Next. For more detailed information about completing this wizard, see “Creating New Internet Connections” on page 103, and “Creating a Connection to a VPN Server” on page 515.
3Click Finish. If additional settings need to be configured, the appropriate Settings dialog box for the new connection will appear. Enter the settings and click OK.
As is shown in Figure 6-1 on page 138, once the dial-up or VPN connections are created, they appear in the box on the Connections tab. If you have more than one dial-up or VPN connection, you need to choose one as your default connection by selecting
it and clicking Set Default. Then make one of the following three choices for the default connection:
●Never Dial A Connection. This option prevents Internet Explorer from automatically dialing your connection. If you select this option, you will first need to manually connect to the Internet before using Internet Explorer because Internet Explorer will not launch a dial-up session automatically.
tip As a point of reference for troubleshooting, always examine this setting if Internet Explorer is unable to access the Internet. This option is sometimes the culprit.
●Dial Whenever A Network Connection Is Not Present. This setting, which works well for most users, automatically dials an Internet connection when you open Internet Explorer if no existing connection is available. If you are
2: Internet Networking
Chapter 6: Using Internet Explorer Advanced Features
already connected when you open Internet Explorer, the existing connection will be used. Note that if Internet Explorer does dial the connection, your default Internet connection will be used.
●Always Dial My Default Connection. If you don’t want Internet Explorer to attempt to use a network connection first, choosing this option will cause Internet Explorer to always (unlike the second option) and automatically (unlike the first option) use the default dial-up or VPN connection.
note From the Connections tab, you can also remove a dial-up or VPN connection you no longer need. To do so, select the connection in the box and click the Remove button.
There also might be instances where you need to contact a proxy server in order to access a dial-up connection. A proxy server is a computer that stands between client computers and the Internet. The proxy server works on behalf of the client computers to retrieve information from the Internet and also acts as a security boundary for the network. If you click the Settings button, you can configure access to a proxy server for the dial-up or VPN account you have selected in the window.
caution The Settings button is only used to configure proxy settings to a dial-up or VPN connection. This button is not used to configure LAN access settings, such as in the case of Digital Subscriber Line (DSL) modems, cable connections, or local area connections. See the next section for details.
The connection’s settings dialog box, shown in Figure 6-4, gives you three configuration options for connecting to a proxy server.
Chapter 6
Figure 6-4. Use the connection’s settings dialog box to configure proxy server access for a dial-up or VPN connection.
141
2: Internet Networking
6 Chapter
142
Part 2: Internet Networking
●Automatic Configuration. If the proxy server is set up for automatic configuration, you can select the Automatically Detect Settings option or point the way to the automatic configuration script by choosing Use Automatic Configuration Script and supplying the URL or file name containing the configurations. Automatic configuration options and scripts are set up on the proxy server, so do not use these settings unless you are sure they are supported. See the proxy server administrator for details.
●Proxy Server. In this section, you can provide the address to a particular proxy server. If you know that your computer should access a certain server, select the Use A Proxy Server For This Connection check box and enter the proxy server’s IP address. If additional port information applies, you can add the port and click the Advanced button to specify other TCP ports that can be used. Again, you’ll need to contact the proxy server administrator for details.
●Dial-Up Settings. In this section, you can specify the necessary user name and password to access your ISP. If you click the Advanced button, the Advanced Dial-Up options appear, which are shown in Figure 6-5. You can specify how many times Windows XP will attempt to connect, how long to wait before attempts, and how to disconnect.
tip If a dial-up proxy server connection keeps disconnecting after a period of idle time, you might be able to stop that behavior by clearing both the Disconnect If Idle For and Disconnect When Connection May No Longer Be Needed options in this dialog box. However, the dial-up proxy server might be configured to automatically disconnect you after a preset amount of idle time anyway.
Figure 6-5. Use the Advanced Dial-Up dialog box to configure, connect, and disconnect features.
Local Area Network (LAN) Settings
The LAN Settings button at the bottom of the Connections tab is used to select broadband Internet access, such as DSL, cable, and satellite. You also use the LAN Settings option if you are using a network adapter to access a proxy server that has a network connection to the Internet or to an ISP.
2: Internet Networking
Chapter 6: Using Internet Explorer Advanced Features
In order to configure the LAN settings so that Internet Explorer can use the broadband or network connection, click the LAN Settings button and specify the correct settings in the LAN Settings dialog box shown in Figure 6-6. As you can see, you can choose from the automatic configuration options or specify the address of a proxy server. Again, check your broadband documentation for details or contact your network administrator if you are accessing the Internet through a proxy server.
note In many cases, LAN Settings are configured automatically through Group Policy in Windows 2000 domains by network administrators so that no configuration is required by the user. All users have to do is open Internet Explorer and use the Internet. If your computer resides in a workgroup (home or office), you can also
use local Group Policy in Windows XP Professional to apply a collection of Internet Explorer settings to all users who log on to the local computer. See “Managing Internet Explorer with Local Group Policy” on page 174 for details.
Figure 6-6. Use the LAN Settings dialog box to configure access to a broadband or network connection. This dialog box should not be used for dial-up networking or VPN connections.
Setting Internet Explorer Security Levels
As Internet usage has grown, security problems have grown as well. Virus-infected active content embedded in Java applets and ActiveX controls as well as malicious download content are all a part of using today’s Internet. To face this challenge, Internet Explorer includes a number of security features that you can configure by the type of environment in which they’ll operate, such as the Internet or a corporate intranet. The different security settings and features give you a way to apply a security level that is appropriate for you as well as for other Internet users who access your computer.
143
Chapter 6
2: Internet Networking
Part 2: Internet Networking
To learn more about the types of security threats that you face in viewing Web content, see “Understanding Security Threats,” page 560.
Security Zones
Internet Explorer provides four different security zones, which you can access by choosing Tools, Internet Options. At the top of the Security tab are the icons for Internet, Local Intranet, Trusted Sites, and Restricted Sites zones, as shown in Figure 6-7. If you select a zone, you can see the current security level of the zone in the lower portion of the window.
6 Chapter
144
Figure 6-7. Security can be configured by zone on the Security tab of Internet Options.
There are four preconfigured levels of security that you can select for each zone by simply moving the slider:
●High. Using this setting, all features that are less secure are disabled. This is the safest way to use the Internet, but it provides you with the least amount of functionality. All ActiveX content is disabled along with all downloads.
Additionally, there are a number of restrictions on accessing data and requesting data.
●Medium. The medium setting does not allow the downloading of unsigned ActiveX controls, and you see the familiar prompt before downloading potentially unsafe content. Browsing is safe yet functional under this setting, and in most cases this is the best setting to use.
●Medium-Low. The medium-low setting will run most content without prompts but still does not allow unsigned ActiveX controls. This setting is safe for intranet use.
●Low. The low setting provides basic warnings and few safeguards. All active content can run. This setting is not recommended unless the site is one you completely trust.
2: Internet Networking
Chapter 6: Using Internet Explorer Advanced Features
You can configure different settings for each zone by simply selecting the zone and moving the slider. However, you can also customize the four security levels by clicking the Custom Level button. This opens the Security Settings dialog box, as shown in Figure 6-8. You can scroll through the list of settings and choose Disable, Enable, or Prompt for each security setting. This enables you to create a custom security setting that invokes the features that you want instead of the default options.
Figure 6-8. Use the Security Settings dialog box to configure a zone with a custom security configuration.
tip If you want to see the settings that are used for one of the default security levels, open the Reset To list at the bottom of the Security Settings dialog box, select a security level, and click Reset. You can view how each custom setting is applied under one of the default security options. You can then customize the settings.
So, how should you configure each zone? The following sections give you some quick and easy pointers that you should keep in mind when configuring security zones in Internet Explorer.
Internet Zone
The medium setting is the best setting for the Internet zone. You have the best browsing functionality and still have enough controls in place to keep the computer reasonably protected. You can, of course, customize the settings as needed. As you are working with the Internet zone, not only is it a good idea to keep the highest security settings in mind, but also to maintain good usage features. Even though low security settings might make browsing easier, you are just asking for trouble.
Chapter 6
145
2: Internet Networking
Part 2: Internet Networking
Local Intranet Zone
The default setting for the Local Intranet zone is medium-low. This setting lets you use the intranet freely, but unsigned ActiveX controls are not allowed. However, Microsoft now recommends that you set the security level for the Local Intranet zone to medium, the same setting as the Internet zone.
If you select the Local Intranet icon on the Security tab, you can also click the Sites button and set three other options that determine which Web sites are included in the Local Intranet zone security level, as shown in Figure 6-9. You can choose Include All Local (Intranet) Sites Not Listed In Other Zones, Include All Sites That Bypass The Proxy Server, and Include All Network Paths. The default setting enables all three of these options, and you should typically leave these enabled. You can also click the Advanced button and add specific, trusted public Web sites to this zone as well.
6 Chapter
146
Figure 6-9. The default configuration for the Local Intranet zone accepts these three categories of sites into the zone.
Trusted Sites Zone
If you use a particular site often and you know that content from the site is safe, you can add the site to your Trusted Sites zone. The Trusted Sites zone is made up of sites that you deem trustworthy. Traditionally, when a site was added to the Trusted Sites zone, the low security setting was used, allowing you to freely use the site without any security restrictions. Recently, however, Microsoft has begun recommending that even the Trusted Sites zone be configured to use the medium level of security.
To add trusted sites to your Trusted Sites zone, follow these steps:
1On the Security tab, click the Trusted Sites zone, and then click the Sites button.
2In the Trusted Sites dialog box, shown in Figure 6-10, enter the URL of the trusted site and click the Add button. Repeat this process to add other sites. Note that you can remove a site at any time by selecting it in the Web Sites list and clicking the Remove button. You can also require server verification (if supported by the site) for sites in the zone. Click OK when you are done.
2: Internet Networking
Chapter 6: Using Internet Explorer Advanced Features
Figure 6-10. Enter trusted sites and click the Add button. You can also remove a site at any time.
You encounter problems related to your security zone settings.
Security zones are a great way to protect your computer from malicious content. However, some of the settings might prevent you from using the Internet in ways that you need to. The following list contains some common security zone aggravations and their solutions:
● You can’t enter data at Web sites. If you cannot enter data, the Web sites are using nonencrypted forms. Some security settings prohibit this action, but you can override the settings by clicking the Custom Level button. Under Miscellaneous, set Submit Nonencrypted Form Data to Enable if you want
to enter data at Web sites that don’t encrypt the information you submit.
● You are always prompted for a user name and password when you try to access sites. The high security level requires that a user name and password be entered for authentication. You can override this requirement by clicking the Custom Level button. Under User Authentication, choose a less restrictive setting than Prompt For User Name And Password.
● You can’t download files. The high security level does not allow file downloads. Choose a different security level, or click the Custom Level button, and
under Downloads, set File Download to Enable. |
6 |
|
Chapter |
||
|
147
2: Internet Networking