Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 7642 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filtering Rule Position Question

BobbyDigital

I have a web filtering rule to restrict explicit content access to one IP address. It is at the top of the rule base. However it does not work. I'm suspecting because I have another rule that allows this access and it is network based. 

In my dealings in the past. Most firewalls use a top down hierarchy when it comes to applying the firewall rules. I know the web filter works because if I apply it to the network rule at the lower bottom the explicit content is blocked. 

Secondly, since I am in transparent mode and I dont have users authenticating for network access is it possible to bypass the login page when the web filter blocks traffic and send them directly to the splash page?

 



This thread was automatically locked due to age.
Parents
  • 0

    Bobby,

    can you share your Firewall rule?

    I suspect that the first rule the check box "Match know users" is checked. Even if users is any, users have to authenticate in order to hit that rule. XG as other firewall uses the top-down approach.

    For the Block page, go to Autnetication > Services and at the bottom of the page, change the captive portal settings to "Prompt unauthenticated users to login: no" and there is another option that says "blocked message" but I cannot remember the correct name.

    Regards

Reply
  • 0

    Bobby,

    can you share your Firewall rule?

    I suspect that the first rule the check box "Match know users" is checked. Even if users is any, users have to authenticate in order to hit that rule. XG as other firewall uses the top-down approach.

    For the Block page, go to Autnetication > Services and at the bottom of the page, change the captive portal settings to "Prompt unauthenticated users to login: no" and there is another option that says "blocked message" but I cannot remember the correct name.

    Regards

Children
No Data