Office 365 is not working for unauthenticated users when captive portal is enabled for users

Hi,

I have XG with V18 MR5 Build 586. It is integrated with Active Directory; users/groups are imported in it. Office 365 is being used by all users for emails and so on.

My requirement is given below:
1. I need to block internet browsing for a few users, but for those users whose internet is blocked, their Office 365 (Outlook/Teams/SharePoint) should keep working.
2. For those users to whom internet is allowed, Office 365 (Outlook/Teams/SharePoint) should keep working. When the user opens a browser and needs to browse, the captive portal should appear; he gives his AD username and password and then starts browsing according to policies.

What I have done is given below:
1. Integrated AD with the firewall and imported users.
2. Created a DNS rule for name resolution and kept it on top. Do I need to create this???
3. Created firewall rules according to user/group, calling the appropriate user/group in each firewall rule. I did not check "show captive portal to unauthenticated users".
4. Created a web policy for Office 365 URLs and made a firewall rule for Office 365 so that every user, authenticated or not, will get his emails. I kept this rule at the bottom, meaning it is the last rule.

The challenge I am facing:
With the above firewall rules, all users, authenticated and unauthenticated, are able to get emails from Office 365,
but when a user opens the browser he does not get the captive portal page automatically. When I manually open it, like https://1.1.1.:8090, then the page appears.
To overcome this, when I check the checkbox "show captive portal to unauthenticated users" in the firewall rule, those users whom I don't want to use the internet do not get emails either, and the other users start getting the captive portal and emails as well, but these users only start getting email once they authenticate on the portal.

Please advise how I can achieve my requirement given above.

Regards,



  • Hi,

    What is your primary DNS? If XG, you do not need a DNS firewall rule.

    You will need separate rules for those allowed to access the internet and those only allowed to access O365. I also assume you have them in different AD groups?
    ian

  • I created a DNS rule for any to any for everyone and kept it on top.

    Then I created a rule for authenticated users and called the AD group in this rule.

    I created an Office 365 rule for any to any so that all users, either authenticated or unauthenticated, should get emails. In this rule I did not call any users; it is a simple network rule.

    Please guide me.

  • That sounds okay except for the DNS rule. Where does your DHCP server point to for DNS?

    ian

  • My LAN users are using Active Directory as a DNS server.

    The challenge I am facing:
    With the above firewall rules, all users, authenticated and unauthenticated, are able to get emails from Office 365,
    but when a user opens the browser he does not get the captive portal page automatically. When I manually open it, like https://1.1.1.:8090, then the page appears.
    To overcome this, when I check the checkbox "show captive portal to unauthenticated users" in the firewall rule, those users whom I don't want to use the internet do not get emails either, and the other users start getting the captive portal and emails as well, but these users only start getting email once they authenticate on the portal.

  • Do you use the XG DNS for anything? How does the XG resolve requests from your AD?
    ian
