This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall Rules: AD Users as Source?

Is it possible to have Firewall rules applied to specific Active Directory users?

Usage Scenario: I want 2 developers to have access to the a file on a DMZ server, I would like to open ports

-udp 137
-udp 138
-tcp 139
-tcp 445

for user jbloggs (on internal network), who will be logged on via Active Directorym dynamic DHCP, so that I can map a folder from the DMZ server via \dmzserver\e\web\dev

I am aware I can set their machines to static IP, and base the rule on IP, but that is not preferable, as anyone who sets their IP same as devs would then by default be granted these open ports.

Thanks,
Richard

This thread was automatically locked due to age.

Parents

0 brassardv over 11 years ago

I am using DNS host name or DNS Group name (when 2 ip, Wifi and Ethernet)in the rules so i dont have to use static IP.
The AD DNS is secure so a connected rogue computer cant spoof the Machine DNS names.

Or you can install the "Client Authentication Program" on this machines and then use Users from firewall on your firewall rules.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 brassardv over 11 years ago

I am using DNS host name or DNS Group name (when 2 ip, Wifi and Ethernet)in the rules so i dont have to use static IP.
The AD DNS is secure so a connected rogue computer cant spoof the Machine DNS names.

Or you can install the "Client Authentication Program" on this machines and then use Users from firewall on your firewall rules.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data