How to allow or block website by specific users ip?
Hello everybody I am using watchguard firewall. And I have to block website on my lan and allow a website's spicified users.
How can I do this. Thanks
regards,
0
Sign In to comment.
Comments
Add a HTTPS policy To: the IP addr or FQDN of the web site From: the allowed user IP addrs or authenticated user IDs
Add a 2nd HTTPS policy To: the IP addr or FQDN of the web site From: Any-trusted, Any-optional, with the policy set to Denied.
This will deny access to the web site.
Make sure that the 2nd policy ends up below the 1st policy.
I would set up SSO and do it based off of AD Group. Then you don't have to manipulate local FB users or manage static IPs:
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/authentication/sso_agent_install_c.html
as a bonus it will allow you to analyze traffic based off of Username which is nice if you want to see if a specific user is using a lot of data.