This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to block users from browsing

Dear all,
Pls Im quite new in this area. I need a step by step process to block some particular users on my network from browsing the web at particular times in the day. I am a novice in this area but we just installed astaro version 6.

We also have a link on our coy webpage that directs external users to a particular server in our network. How can we enable users to view the page using that link on the webpage: ie what step by step configurations can we put in place to allow this using our astaro box.

Thanks for your urgent response. Pls I am a novice and I will appreciate a step by step description. Thanks.

This thread was automatically locked due to age.

Parents

0 Gert Hansen over 16 years ago
Hi ekeneduru,

welcome to the Astaro community, we will help you get things rolling.

First of all i would recommend you upgrade your Astaro to the latest version 7.402.
This version has a more intuitive GUI and a lot more features.
You can download the latest version here:
http://download.astaro.com/Astaro_Security_Gateway/v7/software_appliance/iso/asg-7.402-090423-1.iso
and here is a quickstart guide that helps with the initial setup:
http://download.astaro.com/Astaro_Security_Gateway/v7/software_appliance/iso/ASGV7_QuickstartGuide.pdf

1) block users from surfing
This can be done by enabling the HTTP Proxy functionality under Web Security.
Do you want to identify users by IP adress or by username?
If you want to do it by username, do you have a working Active Directory or Novell eDirectory?
I'll complete it once you have anwsered

2) Forward HTTP requests to internal webserver.
Do do so you need to create a DNAT rule go to:
"WebAdmin > Network Security > NAT > DNAT/SNAT tab".
Click on "New NAT rule..."

Name: to webserver
Group: no group
Position: bottom
Traffic Source: Any
Traffic Service: HTTP (click on the folder icon and drag'n'drop HTTP in the field)
Traffic Destination: External Interface
NAT mode: DNAT
Destination: webserver (click on the + icon and create a new host network object with the webservers ip address)
Destination Service: empty
Automatic packet filter rule: yes

i hope that helps for now

regards
Gert
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Gert Hansen over 16 years ago
Hi ekeneduru,

welcome to the Astaro community, we will help you get things rolling.

First of all i would recommend you upgrade your Astaro to the latest version 7.402.
This version has a more intuitive GUI and a lot more features.
You can download the latest version here:
http://download.astaro.com/Astaro_Security_Gateway/v7/software_appliance/iso/asg-7.402-090423-1.iso
and here is a quickstart guide that helps with the initial setup:
http://download.astaro.com/Astaro_Security_Gateway/v7/software_appliance/iso/ASGV7_QuickstartGuide.pdf

1) block users from surfing
This can be done by enabling the HTTP Proxy functionality under Web Security.
Do you want to identify users by IP adress or by username?
If you want to do it by username, do you have a working Active Directory or Novell eDirectory?
I'll complete it once you have anwsered

2) Forward HTTP requests to internal webserver.
Do do so you need to create a DNAT rule go to:
"WebAdmin > Network Security > NAT > DNAT/SNAT tab".
Click on "New NAT rule..."

Name: to webserver
Group: no group
Position: bottom
Traffic Source: Any
Traffic Service: HTTP (click on the folder icon and drag'n'drop HTTP in the field)
Traffic Destination: External Interface
NAT mode: DNAT
Destination: webserver (click on the + icon and create a new host network object with the webservers ip address)
Destination Service: empty
Automatic packet filter rule: yes

i hope that helps for now

regards
Gert
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data