Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 3414 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

primeros pasos

Antonio Lopez

Buenas

 

empece esta semana con la version home de XG firewall pero no se muy bien por donde empezar despues de la configuracion inicial. son la regla por defecto etc.

quisiera configurar un grupo de usuarios que solo les aplicara una cierta politica de horario acceso. esto monta un proxy? 

por donde podria empezar?

 

un saludo



This thread was automatically locked due to age.
Parents
  • 0

    Antonio,

    sorry but I do not speak spanish. You can create users on XG and then apply firewall rules to users directly by ticking the box "Match know users" and adding there the users.

    The other option is to import users from AD. Here the Sophos KB:

    https://community.sophos.com/kb/en-us/123156

    Anyway I can give you an hand tomorrow night (as soon I am back at home).

    Regards,

  • 0 in reply to lferrara

    The installation is for home and have controlled the boys (children). Is not professional, I have created a new rule and a more restrictive filter category. A pair of users within a group, and each user identified by the mac of their pcs. Restingiendo the duration of its access to Internet in schedule. But my question is:
    By default the XG firewall is a transparent proxy? Are connected and there is no validation window as if it were a captive portal.

     
     
    thanks
  • +1 in reply to Antonio Lopez

    Antonio,

    by default XG acts as a transparent proxy (when the web filter is applied). You can use authentication agent (SAA), Clientless users, LDAP and Captive Portal to authenticate Users.

    In order to force the users to authenticate in some way, you have to enable "Match know users" on the Firewall rule. This will create the association user > IP and then the Firewall will apply the proper firewall rule.

    If you use IP/MAC address, the match know users is not needed. In this case you will have logs per IP address and not user.

  • 0 in reply to lferrara

    Thank you

    And the order of the rules? Create a rule clone for a group of users and give it the secondary order.

    Would work ok

  • 0 in reply to Antonio Lopez

    Antonio,

    Firewalls use the concept of "first match". So the first matched rule will be used. All the rest will be discarded!

    Regards

  • 0 in reply to lferrara

    I created a rule for users and I limit the connection time this rule I put it in the first place and has no effect neither time nor web content. Can access the entire internet.
    any ideas?

     only see the ips no user conected? its normaly? my user its asociated a MAC address

    they are two user with mac list, user1 and user 2 group clhildren

  • 0 in reply to Antonio Lopez

    Antonio,

    You should open a new thread as this one is answered.

    On the new thread post the issue and screenshot of your configuration.

    Thanks

Reply Children
No Data