This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allowing dropbox for specific ip's?

Hello,

Im trying to allow dropbox, for a select couple of ip addresses, but currently not having much joy.

We are using application control to restrict access to dropbox

If i turn off block all, everyone gets access, i cant seem to figure out how to block it for everyone, except a couple of pc's.

Firmware version: 8.309
Pattern version: 45503.

Any ideas?

This thread was automatically locked due to age.

0 wingman over 12 years ago

Hi cognitois

Welcome to the forum

My assumption is that you would like to outbound connection and not inbound (i.e. allow only internal user 1 but block other users)

Could you please post the log from application control?

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 cognitois over 12 years ago in reply to wingman

Yes that's right, we would like to allow certain internal users (based on their internal ip address) the ability to upload/download to/from dropbox.

Logfile attached.

logfiles_20130529125915.zip
Cancel
Vote Up 0 Vote Down

Cancel
0 gilipeled over 12 years ago

Hi ,

You can use application control easily for that.
Make a rule that's accept file transfer only for a group with specific users IP and another rule that blocks all.
And you got what you want in few very easy steps.

All my best
Cancel
Vote Up 0 Vote Down

Cancel
0 cognitois over 12 years ago

Hi,

Could you explain how i would do that please? It sounds the same as what i already have? As above, i have DropboxAllowJT, with 1 ip address and below i have a block all.
Cancel
Vote Up 0 Vote Down

Cancel
0 pitonsxxl over 12 years ago

Why is your pattern address so old?
Mine: Pattern version: 46141

My rule looks the same as yours, but it works. Also reboot your ASG, sometimes it just hangs and don't use rules.
Cancel
Vote Up 0 Vote Down

Cancel
0 gilipeled over 12 years ago

Pattern can be old if intrusion prevention is off.

If its off it will not download new patterns.

Gil
Cancel
Vote Up 0 Vote Down

Cancel
0 pitonsxxl over 12 years ago in reply to gilipeled

Pattern can be old if intrusion prevention is off.

If its off it will not download new patterns.

Gil

Not true - I never turn on IPS because my appliance always hangs with CPU 100%
Cancel
Vote Up 0 Vote Down

Cancel
0 gilipeled over 12 years ago

Because you are not turning it on the pattern is old and that's ok :-) and sure it's true :-)
When IPS is of so pattern of the IPS do not update :-)

Gil
Cancel
Vote Up 0 Vote Down

Cancel
0 gilipeled over 12 years ago

Hi again.

Why don't you move to new release and stuck on 8 ?
Update at least to 9.006 if you don't want to go to the latest release 9.101-12
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 12 years ago

I never turn on IPS because my appliance always hangs with CPU 100%

If we haven't worked on that already, please start a new thread with a list of the contents of 'Local networks' in 'Intrusion Prevention'.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel