Hello everybody I am using watchguard firewall. And I have to block website on my lan and allow a website's spicified users.
How can I do this. Thanks
Add a HTTPS policy To: the IP addr or FQDN of the web site From: the allowed user IP addrs or authenticated user IDs
Add a 2nd HTTPS policy To: the IP addr or FQDN of the web site From: Any-trusted, Any-optional, with the policy set to Denied.
This will deny access to the web site.
Make sure that the 2nd policy ends up below the 1st policy.
I would set up SSO and do it based off of AD Group. Then you don't have to manipulate local FB users or manage static IPs:
as a bonus it will allow you to analyze traffic based off of Username which is nice if you want to see if a specific user is using a lot of data.