Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 8071 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Best approach on (time scheduled) block internet access for specific hosts but allow (or block) others on demand

Kostas Backas1

Hello,

We've been asked to block internet access during a specific time for some devices, and I guess we can do it via MAC or IP hosts. However, this first question came up:

What if the "blocked" clients use other device to access internet? How can we give access (or block access) to a specific device that is not part of the known network?

 

Best regards

Kostas



This thread was automatically locked due to age.
  • 0

    Hi Kostas,

    The easiest way is to use Authentication. That way it wouldn't matter which device the user tries to access the Internet from, they will be restricted. 

    1. Create a schedule of when you want the devices to be limited. System > Profiles > Schedule

    2. Apply this schedule to a web filter policy. If you would like to apply it to the same web filter policy that you use for everyone, clone that policy and under 'Constraints' select the schedule you created

    2. Create an additional firewall rule for the group of users who you don't want to be able to access the Internet during specific times.

    Specify those users under Identity > Match Known Users 

    3. Add this additional firewall rule ABOVE your existing LAN->WAN policy for everyone

    Hope that helps.

    Cheers,
    Karlos

     

  • 0

    Hi Kostas,

    For a visual, here's a youtube video you can watch on this topic:  https://www.youtube.com/watch?v=q0GwtPLS0nk

    Cheers,

    Karlos