This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

how to exempt user in application filter

Hi,

I have XG310 with V18 Mr5, it is integrated with AD, i have created web policy to block social networking category and also created an application filter to block social networking category. 

I created a firewall rule, check match user and add group in that rule, applied web policy and application policy.

now I want to allow temporary access to one user in that group?? can i make exemption of that user in web and application filter.

in webfilter i went to policy create a new rule for social networking and add that select that user and in action i turned it allow. 

how can i make exempt that user from application filter ? in application filter i cant find any filed to choose user/group. please help me for this.

what is the order of policy execution in XG? if web and app filter is applied then which one will execute 1st?

regards,



This thread was automatically locked due to age.
Parents
  • Hello,

    You can create Web Policies based on User/Groups, but Application Policies are only applied to Firewall Rules, in your current setup you should create a secondary Firewall Rule to allow the certain user to bypass your filtering, this rule should be put on top of the rule you first created.

    what is the order of policy execution in XG? if web and app filter is applied then which one will execute 1st?

    On most cases Application Filtering will be applied first, when this happens you will get a connection reset instead of a block page - If I's a Web Application. (Sometimes It will redirect to the block page.)

    Thanks!


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v20 GA @ Home

    XG 115w Rev.3 8GB RAM v19.5 MR3 @ Travel Firewall

  • Hi Prism,

    thanks for your advise. 

    in cybeoram it was easy , we apply web and application policies on user based, it was easy to by pass user from certain policy, 

    there is also exemption in firewall rule. in which case should i use that??? please advise.

    according to you there is no way to bypass user in application policy, i have to create a separate policy for users.

    can i change the order of execution of policies?? like first of all web and then application filter will get executed???

    regards,

  • You can create Firewall Rule based on Users/Groups, the same apply to Web Filtering.

    But Application Filtering is applied directly to a Firewall Rule, in order to exempt a user from the application filter, you will have to create a secondary Firewall Rule on top of the current one with the custom Web/App Filtering - in the same Firewall Rule you will select the User or Group you want to exempt.

    can i change the order of execution of policies?? like first of all web and then application filter will get executed???

    You can't, when a certain traffic matches a Firewall Rule, all further traffic will be processed by the same Firewall Rule.

    This has been discussed in this thread.


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v20 GA @ Home

    XG 115w Rev.3 8GB RAM v19.5 MR3 @ Travel Firewall

Reply
  • You can create Firewall Rule based on Users/Groups, the same apply to Web Filtering.

    But Application Filtering is applied directly to a Firewall Rule, in order to exempt a user from the application filter, you will have to create a secondary Firewall Rule on top of the current one with the custom Web/App Filtering - in the same Firewall Rule you will select the User or Group you want to exempt.

    can i change the order of execution of policies?? like first of all web and then application filter will get executed???

    You can't, when a certain traffic matches a Firewall Rule, all further traffic will be processed by the same Firewall Rule.

    This has been discussed in this thread.


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v20 GA @ Home

    XG 115w Rev.3 8GB RAM v19.5 MR3 @ Travel Firewall

Children