Is it possible to configure the web proxy to block access to a range of IP addresses?
This is what I'm trying to do:
* I've got several internal networks in the 10.0.0.0/8 range which contain our office systems. There are some web servers in these subnets that should not be accessible from the outside world.
* I've set up a guest network on the 192.168.100.0/24 subnet. This should have no access at all to the 10. subnets, and I've added a firewall rule to block all access.
* I want clients in the guest network to use the web proxy.
Here's where the fun begins. Clients in the guest network have no direct access to the 10. subnets, but they can browse to the web servers in these subnets if they enter the IP of the web server in the address bar: they can access a server at http://10.0.1.5, for example. (Presumably, this happens because the web proxy handles the traffic before it gets as far as the packet filter.)
I can probably block access by putting the internal sites in "Block these websites", but that's a rather high-maintenance way of doing things. So, is there a simple way to configure the web proxy to block requests from clients on the 192.168.100.0/24 subnet for web servers on the 10. subnets?
Anyone got any ideas?
This thread was automatically locked due to age.
