

Block URL group for all except authenticated users

Hello everyone,

New to the XG line, trying to block only a specific "URL group" for every user, while only an authenticated user group ("managers") can log in and access the blacklisted websites listed in the group.

Issue is that:

a) every website is blocked for non-authenticated users, not just the few blacklisted ones in our URL group.

b) when a user authenticates, they are allowed to view ONLY the blacklisted websites and nothing else.


---- our top firewall rule ---

Rule
Apply "Allow All" app filter, "Block Blacklisted Websites" web filter, for any user, when in "LAN" zone, and coming from any network

Source & schedule
LAN
Source networks and devices : Any
During scheduled time : All the time

Destination & services
WAN
Destination networks : Any
Services : Any

Identity
Any

---


-- our web policy Block Blacklisted Websites --


What is the best approach here?

Thank you!



  • Hi BioTech,

    You may simply use two firewall rules here with 2 web filters.

    1. Create a firewall rule at the top with authentication enabled by applying the identity check "Match known users"; the default block page for unauthenticated users is a captive portal, which prompts for username and password.
    2. Create/configure a web filter policy and apply on the users/firewall rule created via step 1. 
    3. Create another firewall rule positioned below the authenticated firewall rule and apply another web filter policy with the blacklisted URL group/category.

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.
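A first-match model of the two-rule layout described above, added here as an example (it is not Sophos code and not from this thread): it shows why the identity rule must sit above the blacklist rule, and how the outcome for unauthenticated users depends on whether that rule sends unknown users to the captive portal or lets them fall through to the next rule. The host names, the `portal_for_unknown` flag and the fall-through behaviour are assumptions of the model, not a statement of SFOS semantics.

```python
from dataclasses import dataclass

# Constructed sample data: the blacklisted URL group used by the second rule.
BLACKLIST = frozenset({"blocked-one.example", "blocked-two.example"})
CAPTIVE_PORTAL = "captive_portal"


@dataclass(frozen=True)
class WebPolicy:
    name: str
    blocked_hosts: frozenset = frozenset()  # empty set = allow everything

    def decide(self, host: str) -> str:
        return "block" if host in self.blocked_hosts else "allow"


@dataclass(frozen=True)
class Rule:
    name: str
    web_policy: WebPolicy
    match_known_users: bool = False   # identity check on the rule
    portal_for_unknown: bool = True   # assumed option: prompt unknown users instead of falling through


def evaluate(rules, authenticated: bool, host: str) -> str:
    """First-match evaluation, top to bottom; the first matching rule decides."""
    for rule in rules:
        if rule.match_known_users and not authenticated:
            if rule.portal_for_unknown:
                return CAPTIVE_PORTAL  # unknown user is prompted to log in on every site
            continue                   # rule does not match; try the next one
        return rule.web_policy.decide(host)
    return "block"  # implicit default when nothing matches


ALLOW_ALL = WebPolicy("Allow All")
BLOCK_BLACKLIST = WebPolicy("Block Blacklisted Websites", BLACKLIST)


def recommended(portal_for_unknown: bool):
    """Rule 1 (identity, allow all) on top; rule 2 (blacklist, any user) below."""
    return [Rule("Managers", ALLOW_ALL, True, portal_for_unknown),
            Rule("Everyone else", BLOCK_BLACKLIST)]


def reversed_order():
    """Blacklist rule on top: it matches any user, so managers never reach rule 1."""
    return list(reversed(recommended(True)))


if __name__ == "__main__":
    for portal in (True, False):
        for auth, host in ((True, "blocked-one.example"), (False, "news.example"), (False, "blocked-one.example")):
            print(f"portal={portal} auth={auth} {host:20} -> {evaluate(recommended(portal), auth, host)}")
    print("reversed order, manager, blacklisted ->", evaluate(reversed_order(), True, "blocked-one.example"))
```

With the portal option on, unauthenticated users are prompted on every site; with fall-through, they reach the blacklist rule and are blocked only there.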

  • Hi Aditya,

    Thanks for the help. I have tried that without much success. Now Managers have to authenticate to access any website, but they are only prompted to log in when trying to access Blacklisted websites, while everyone else has no access at all and gets the generic fallback page of DNS unresolved.


    Here are the rules:

    web policies: