Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 10 replies
  • Subscribers 27 subscribers
  • Views 15538 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Why do i have to create a new rule for customizing web and application filtering for one user?

Kandarp Desai1

Suppose I want to give temporary access to a particular user/ip/mac in restricted access group to some websites for 2 hours. After 2 hours the website will again be blocked for that particular user. So how do i accomplish this?Currently I have to make a rule specially  above the restricted group rule for that particular user then after 2 hours need to off that rule. But this is a little time consuming and sometimes we can forget about deleting that rule. Any better method out there ?



This thread was automatically locked due to age.
Parents
  • 0

    Hi Kandarp,

     

    Please share your firewall rules and filtering configurations, thanks.

     

    Regards,

    Raphael

  • 0 in reply to Ashen1

     

    Hi Raphael,

    The rule i have highlighted is the one im talking about. These are all MAC based rules.

    Even if i opt for 'match known users' , i.e user based rules, then too i need to create a rule right?

    In the above scenario, the user was previously in Restricted access group and i had to give him special access for 2 hours to facebook/twitter. So i had to make a rule.

    Now i have many such users who need access to different sites which are currently blocked for a limited time like say 2 hours.

Reply
  • 0 in reply to Ashen1

     

    Hi Raphael,

    The rule i have highlighted is the one im talking about. These are all MAC based rules.

    Even if i opt for 'match known users' , i.e user based rules, then too i need to create a rule right?

    In the above scenario, the user was previously in Restricted access group and i had to give him special access for 2 hours to facebook/twitter. So i had to make a rule.

    Now i have many such users who need access to different sites which are currently blocked for a limited time like say 2 hours.

Children
  • 0 in reply to Kandarp Desai1

    Can someone please help with this?

  • +1 in reply to Kandarp Desai1

    Rather than creating another firewall rule you can create another rule in the web policy.  Though in some ways this just moves the solution, policy rules are much easier to create.

    Go to Web, Policies.  Open the policy that the users are currently hitting.

    Add Rule near the top.  Set the user to the one you want to affect and Activities to AllWebTraffic (for unrestricted) or to the specific category you want to allow.  Set the status to On.

    When they are no longer allowed, set status to Off or delete the line.

    Although you can also set Time Constraints, you can only select reoccurring time periods and cannot create a rule that automatically turns off in two hours.

     

  • 0 in reply to Kandarp Desai1

    Also, you should be aware that using the "Any" service basically opens the firewall up to allow traffic through every port.  This is most likely not your intention.