Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 29 subscribers
  • Views 23143 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG Home - Web Filter Policies based on source network

Herpderp

Hi,

I've been using UTM 9 Home Edition for a few years. I've downloaded the Sophos XG to have a play with before I think of making it my new home firewall. 

The most important thing for me is to filter my kids internet traffic transparently. The way I did this with UTM 9 was to create Network Definitions that contains all their devices based on MAC address. I was then able to create a web filter and drag these objects into the source network box. So any traffic going to and from those devices would have a strict web filter policy applied.

I've searched high and low for a similar setup and I can't figure out how I'd do it on Sophos XG.

Has anybody been able to do this yet?

I don't particularly want to have to install software on the devices to authenticate them. Besides, they have an xbox which they could surf the internet on so MAC filtering is key for me.

Many thanks



This thread was automatically locked due to age.
Parents
  • 0
    I still have my UTM 9 running, it was not possible to set web filter rules on MAC addresses, only if you define an object with a MAC address + an IP address.
    so if your kids are smart enough they could just change IP address of their device to get different filter policy.
    however in XG you can't pair an IP address and MAC address as 1 object, they must stay separate, and with different names.
  • 0 in reply to Geniux
    Abraham,

    for you kids you can choose as source network Mac Address Object and block all the content you want. At the moment no way to map IP and MAC in the same object.

    Luk
  • 0 in reply to lferrara

    I am digging up an old thread here, but I don't think its that easy.

     

    You can't filter mac addresses / IP's without installing the trusted certificate or it will not filter.

     

    Correct me if I'm wrong, but I have tried every which way and can only find installing the sophos network agent and creating users to work most effectively, which completely sucks as before anybody can come on my network, I need to add them to the firewall, otherwise my kids just work out not to authenticate and have open slather (until I made a deny all rule)

Reply
  • 0 in reply to lferrara

    I am digging up an old thread here, but I don't think its that easy.

     

    You can't filter mac addresses / IP's without installing the trusted certificate or it will not filter.

     

    Correct me if I'm wrong, but I have tried every which way and can only find installing the sophos network agent and creating users to work most effectively, which completely sucks as before anybody can come on my network, I need to add them to the firewall, otherwise my kids just work out not to authenticate and have open slather (until I made a deny all rule)

Children