I have a question in the firewall Application control.
AS I know, the application control should be applied in the User/Network rule -> Advanced -> User Applications -> Application Control
Suppose I have the "A" and "B" Groups.
A group will use WAN A to access internet as there is a Firewall rule "A to Internet".
So is the B.
Now, I want to block users to access Facebook by Application control.
User Tommy is in A group and the Kan, Mary and Kitty are B. For current solution, is something like that:
|
Policy name |
Sources Zone |
Sources Address |
Destination Zone |
Destination Address |
Application |
Application action |
Outgoing Interface |
Rule Action |
|
Block Facebook A |
LAN |
Tommy |
WAN |
ANY |
Facebook Block |
Deny |
A |
Allow |
|
Block Facebook B |
LAN |
Kan |
WAN |
ANY |
Facebook Block |
Deny |
B |
Allow |
|
A to Internet |
LAN |
Group A |
WAN |
ANY |
ANY |
Allow |
A |
Allow |
|
B to Internet |
LAN |
Group B |
WAN |
ANY |
ANY |
Allow |
B |
Allow |
|
|
|
|
|
|
|
|
|
|
Now, I would like to have only one Firewall policy to block all the Facebook access traffic.
Meanwhile, Tommy has to run A WAN as primary gateway and so is Kan to run B WAN as well as current operation.
My client don’t want to create two or more policy for Facebook blocking.
As there also a User Kitty and Mary in Group A and B respectively allow to access Facebook.
Please show me the solution in XG310, thanks.
This thread was automatically locked due to age.