This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Application Controll does not work with User Network Objects

Hello,

does someone know if the application controll should work with User network Objects?
I've installed the SAA on my client and if I enable automatic user creation on the UTM my user is created after checking the password against my AD.
But if I use the created user network object in an application controll rule it does not work.

Is there any way to make a application controll rule based on users or groups?

Kind regards
Stefan

edit: We are running a webproxy with https-scanning.

This thread was automatically locked due to age.

Parents

0 BAlfson over 12 years ago

When you login to SAA as Stefan, in which UTM is the object "Stefan (User Network)" resolved? Version of UTM - 9.105-9?

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 12 years ago

When you login to SAA as Stefan, in which UTM is the object "Stefan (User Network)" resolved? Version of UTM - 9.105-9?

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 StefanTiefel over 12 years ago in reply to BAlfson

We've only one (two, but active/passive) UTM (9.104-17).

The Network can be reduced to something like this:

Win7-Client (with SAA) --- Cisco-Router --- UTM --- Internet

On the router is a route fpr 1.2.3.4/32 pointing to the internal Interface of the UTM.
On the UTM is a DNAT for 1.2.3.4 --> internal IP of UTM.

The object Stefan is created at the UTM. We run the webproxy with AD-SSO for years but now we need to deny for example facebook (or any other application) but allow it for some Users. The Users who should be allowed are all in an AD-group.

The Webinterface displays the User Object as "unresolved" all the time, but i've read in this forum that's normal.

Regards
Stefan
Cancel
Vote Up 0 Vote Down

Cancel