Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 28 subscribers
  • Views 15750 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Issues with Match Known Users option in XG 105

Aneesh Kuniyil

Hi,

I've a XG 105 Firewall. Whenever I try to turn on "Match Known Users" option in the Firewall rule, it blocks Internet Access for all users. My configuration:

  • ISP Modem >> XG 105 as the only gateway
  • User Authentication via Active Directory (AD)
  • All users from AD have been populated in the Firewall (used the Captive Portal to get users from AD to Firewall)
  • Two groups of users and members are added to each group
  • Two corresponding Firewall rules
    • for both rules, I've selected:
      • "Match Known Users" and selected "Show captive portal to unknown users"
      • Selected respective group under "user / group".
  • Whenever I do that (select Match Known Users), Internet access to users get blocked!

I attach a screenshot of the rule here for your reference! Greatly appreciate any suggestion / ideas! Thank you!



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    to me that would indicate a possible name mismatch.

    Ian

  • 0 in reply to rfcat_vk

    Hi @rfcat_vk,

    Thanks for the reply! Do you mean that the name for the Web Policy (Web >> Policies >> Normal_User_Group) and the User Group (Authentication >> Groups >> Normal Internet Access) must be the same?

    -aneesh

  • 0 in reply to Aneesh Kuniyil

    Hi aneesh,

    I would have thought so, otherwise how could one relate to the other.

    Ian

  • 0 in reply to rfcat_vk

    Hi Ian,

    Thank you! That's interesting! I tried that with a new rule and it seems to work.

    I created:

    • a new web policy
    • a new user group with the same name as the web policy
    • a new firewall rule and added that web policy
    • checked "Match known users" and to show captive portal
    • tested with one user and it is working perfectly, just that the Captive portal doesn't show automatically even though it is set to show. I authenticated by accessing Captive portal directly via it's URL.

    However, when I try the same with the existing rule which I've the issue, it doesn't seem to work. I'm waiting for the break time and planning to create a new rule and test. If it works, I will delete the current rule with the issue.

    I will keep you updated here! Thank you! :)

    -aneesh

Reply
  • 0 in reply to rfcat_vk

    Hi Ian,

    Thank you! That's interesting! I tried that with a new rule and it seems to work.

    I created:

    • a new web policy
    • a new user group with the same name as the web policy
    • a new firewall rule and added that web policy
    • checked "Match known users" and to show captive portal
    • tested with one user and it is working perfectly, just that the Captive portal doesn't show automatically even though it is set to show. I authenticated by accessing Captive portal directly via it's URL.

    However, when I try the same with the existing rule which I've the issue, it doesn't seem to work. I'm waiting for the break time and planning to create a new rule and test. If it works, I will delete the current rule with the issue.

    I will keep you updated here! Thank you! :)

    -aneesh

Children