I am still unclear on web filtering and web filter profiles. I have an AD group called Blocked Internet users. In TMG 2010 I could allow the AD group Domain Users and exclude this Blocked users group. I understand that UTM works differently. I just haven't been able to get it to work. I am sure it is a configuration problem on my part. Here is what I have.
Web filtering Global is set to all my LAN networks are in Allowed Networks. I have authentication set to Active Directory SSO. In the Allowed Users/Groups I have Domain Users.
In Web Filtering Profiles, I created 2 filter actions (Allowed Internet, and Blocked Internet). Then I created a Filter assignment for Blocked Internet Users and made the Blocked Internet filter action apply. In the allowed groups, I included my AD group Blocked Internet Users. I then created a filter assignment for Allowed Internet where I assigned that group the Allowed Internet Filter Action and assigned it to the AD group Domain Users. Last, I created a single proxy profile. I added all my source LAN networks and checked the Blocked Internet and the Allowed Internet Filter Assignments. The Blocked Internet Users is at the top.
When I login as a Domain User that is not a part of the Blocked users group I still get everything blocked. If I switch the order of the filter actions and put Domain users at the top, everything is allowed. The filter action seems to be applying, but the AD group isn't being used. If anyone can tell me what I am doing wrong I would really appreciate it. Tha
This thread was automatically locked due to age.
