Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

2 Rules for the same IP Address

Hi All,

Currently we are trying to figure out a way to perform the following

Aim: Allow Certain Users to Access Google Drive and Whatsapp Web based on their IP

Example: 

1st IP : 10.10.10.10 - Have access to google Drive download only

2nd IP : 10.10.10.20 - Have access to Whatsapp Web only

3rd IP :10.10.10.30 - Have access to Both

4th IP : 10.10.10.40 - No access to Both

Problem

1. Cannot figure out a way to only allow google drive upload. Currently both Upload and Download is enabled

2. Is it possible that 1 IP can be used for 2 rules? the whatsapp web rule and Google Drive Rule. Currently if Whatsapp web rule is above, the Google Drive Rule is ignored.



This thread was automatically locked due to age.
Parents
  • Firewall is using a "First match" approach. So if a rule matches for LAN to WAN for example, those policies will be used. Some apps can be controlled by Web filter. So you could try to resolve it like this: 

    Do a LAN to WAN Rule. Attach a Proxy to this LAN to WAN. 
    Create clientless users for your IPs. 
    Attach Clientless users to those Apps in Webfilter and allow it. 
    Then create a ANY block below of this. 

    __________________________________________________________________________________________________________________

  • Thank you LuCar for your response.

    I managed to figure out a way to solve the issue.

    I set one of the rules to only trigger when connecting to a FQDN host (*.drive.google.com)

    This leaves the Whatsapp rule to be triggered only for whatsapp traffic.

Reply Children
No Data