Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 3795 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

how to allow only Web-Mail for a specific group of people

Joseph Haggar

Hello,

Using XG firewall,

 

For a specific group of people, I need to allow only webmail.

So I have created a rule with a “WEB” policy allowing only web-mail

This problem is the same for all webmail servers (Gmail, Hotmail, Yahoo mail, etc...)

 

I will use the Gmail as example:

When I try to open gmail.com

I’m re-directed to https://www.google.com/gmail/  (logging page)

Then to https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/&ss=1&scc=1&ltmpl=default&ltmplcache=2&emr=1&osid=1#  (for authentication)

 

The problem is that those 2 URLs are blocked as the first is categorized as search engine and the second as dynamic DNS & ISP

I need my users to be able to use their mails without allowing other categories

I have also tried to create a URL for those URLs by the firewall doesn’t accept it

What can I do?

 



This thread was automatically locked due to age.
  • 0

    Hi,

    You will also need you add an application policy and probably https scanning as well. Which will mean deploying CA to all users.

    Further you will need to review your web policy as is appears to a bit generic for what you are trying to achieve.

    Ian

  • 0 in reply to rfcat_vk

    Thanks for your feedback

     

    it didn't work like that

     

    but I solved it by creating new Category for each mail server

    adding the URL that this server use and allowing the users to access it.

    screenshots below will show the solution.

     

    now I have another issue, users can open the mailbox but can't download attachments.