This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM9 Internet/Network Access only from Domain Sessions

I'm using UTM 9.211-3, I've already joined it to my windows 2003 domain.

Domain Controller, NAS, Clients --- Switch --- UTM --- Internet

How to prevent Internet and NAS access if a user logged in using a local session?

(I want to allow access to Internet and NAS only when my users use their domain session, I give them local sessions for some reasons!)

This thread was automatically locked due to age.

Parents

0 BAlfson over 10 years ago

Traffic inside a subnet does not transit a router, so you must control NAS access in the NAS itself. Even if you were to isolate it within a DMZ, you could not control access based on AD membership except for Web Filtering. Have you selected 'Block access on authentication failure' in the Web Filtering Profile?

Cheers - Bob
PS You can use DNS Host definitions in firewall rules to allow/block specific IPs into a DMZ.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 10 years ago

Traffic inside a subnet does not transit a router, so you must control NAS access in the NAS itself. Even if you were to isolate it within a DMZ, you could not control access based on AD membership except for Web Filtering. Have you selected 'Block access on authentication failure' in the Web Filtering Profile?

Cheers - Bob
PS You can use DNS Host definitions in firewall rules to allow/block specific IPs into a DMZ.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 jalil1408 over 10 years ago in reply to BAlfson

Have you selected 'Block access on authentication failure' in the Web Filtering Profile?

Yes, I have.
Can UTM detect the session type without showing the login page?
Cancel
Vote Up 0 Vote Down

Cancel