Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 11668 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block internet access for AD groups authenticated users in XG firewall

Fred atallas

Hello,

i want to block internet access to any user profile in XG device ( i dont want to block by IP since i still want to give internet access to other users on the same station )

the two logical ways are either to create a new rule to reject wan access to user profile as source or in client list where i can deny all internet traffic 

none of the these solutions block internet access

all users are imported from AD and STAS collector is installed on DC .

any hint what could be the solution to apply

 

 

thanks



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Fred atallas

    Fred atallas said:

    Hello Aditya ,

     

    i tried both ways 1 and 2 but not seem to be applied since the user can still surf to the intranet .

     

    Fred,

    you cannot restrict access to Intranet unless the XG is used to manage all intra-vlan networks or is deployed in bridge mode.

    To deny access to intranet, you need to play with your Web Server Authentication mechanisms.

    Regards

  • 0 in reply to Fred atallas

    Hi Fred,

    You have mentioned the internet as per the original post, as for Intranet you may need to check if the traffic is traversing through the XG or not. If not then your web server should manage the connections and if so you may manage through the 2 options presented.