Schedule rules for specific interface
I have a T25-W. I would like to disable port 2 between specific hours. I created a firewall schedule and disabled the outgoing between midnight and 5am. I would like the firewall rule to only apply to either a specific set of MAC addresses or to a specific interface.
0
Sign In to comment.
Comments
You could set up an Any policy From: the specific interface name To: Any-external.
Set this to Denied, and set the policy Order to the top of the policy list - you need to be in manual ordering mode.
Then set the desired schedule on this policy.
Note that long running sessions will probably not be stopped by such a policy.
You would need to create a firewall rule to handle traffic to/from that specific interface, and put that on a schedule.
The firewall rules work on IP addresses, and not MAC addresses.
If you want to block specific machines, you'll need to either use a DHCP reservation to ensure that they stay on the same IP or manually set the IPs on those machines so that they don't move IPs.
Like Bruce mentioned, a rule on a schedule will only apply to new connections. If a longstanding connection is left open (like a streaming video left open), it may continue running for some time until a new connection is established.
-James Carson
WatchGuard Customer Support