Blocking of internet and allowing certain ips and ports and URL only

Hi Harshal Kothavade,

Thanks for reaching out to the Community! 

What is the firmware version on your firewall? 

You could configure custom web categories to achieve your requirements, add websites, URL, IP address that user should have access to, and block all other web categories in web policy. 

Check out the following KBA for more info: 

• Sophos XG Firewall: How to create a custom web category

Thanks,

I guess its version 18.04 

Thanks for your reply, I will give a try. will let you know if we have any question.

Lets say I created a firewall rule with Reject all internet traffic on order 1.

Then as per your suggestion created a webcategory with allowed url and kept in order 2.

what will happen? in which order XG processes the rules?

Hi Harshal Kothavade,

The firewall evaluates rules from highest to lowest order. For example, if a rule that allows all traffic precedes a rule that blocks a specific traffic type, the rule that allows all traffic is the effective rule. Add the allow policy with the custom category at the top, and block all next to it.

Check out the following document for more info: Policies

Thanks,