We have a small number of machines that are used solely for accessing an internal web-based application, running on a 192.168.1.x network. All other traffic from these machines needs to be blocked (specifically, we need to prevent Internet access from these machines).
The first thing I did was assign a DHCP reservation on each machine using its MAC address so I could depend on each of these always having the same IP address without static assignments. DHCP comes from a Windows server on the local network. That works fine.
Next I set up a definition for each machine using the IP address that was assigned through DHCP reservation.
Next I created a group and put each of these machines into the group.
Next I created a firewall rule that says:
Sources: my_machine_group
Services: Any
Destinations: Any
Action: Drop
The rule is "on", and is at the top before any other rules are processed.
I then went to one of the machines and tried to access the Internet, and it still can access any Internet site. I opened the live log, and I can see requests being dropped so I don't understand why it still works. Anyone know what I'm missing?
Thanks