Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 3 subscribers
  • Views 4757 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall rules by groups don't work, by user do

Boldmen
UTM 9.103-5
I made a rule (RDP -> internet) that applies to one user (AD user), works fine.
When i changed that rule to a group (backend membership AD) the rule doesn't work anymore, the UTM blockes the rdp protocol.
But in the web proxy that group works fine, changing the Web Filtering Profiles.
I checked the AD  UTM connection by "Authenticate example use" and works.
In
Definitions & Users -> Users & Groups (blue !) the membership of the user in groups are not shown, but the web proxy works fine with that group membership. 
What can i do : )


This thread was automatically locked due to age.
Parents
  • 0
    I think it's a bug, because it's wors several times in other configs
  • 0 in reply to Boldmen

    Agree this seems like a bug. The groups do not work but adding individual users works well. Only tested on local network so the when the user is logged in via VPN might work.

  • 0 in reply to Joseph Jozwik

    We didn't have STAS in 2013, Joseph, so what they were expecting never worked - that's why I was confused by what they were asking.  Now, if you install STAS in your Windows server(s), you should be able to make firewall rules based on, for example, "Joseph (User Network)."

    I don't know if this capability has been extended to "{Backend Group} (User Group Network)" - please let us know if you try that.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to Joseph Jozwik

    We didn't have STAS in 2013, Joseph, so what they were expecting never worked - that's why I was confused by what they were asking.  Now, if you install STAS in your Windows server(s), you should be able to make firewall rules based on, for example, "Joseph (User Network)."

    I don't know if this capability has been extended to "{Backend Group} (User Group Network)" - please let us know if you try that.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML