This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Profile Webfilter per User Groups of Active Directory

Hello everyone, greetings to all.
I am Sophos partner here in my city, here in Brazil.
I have a Sophos UTM SG 135 on a client, configured the same integrated into Active Directory, created two groups in the domain, one called Internet_Full and another called Internet_Restriction, so I put the right users in each group.
In the UTM, I created two groups with the same names and added the AD groups within them. I created two Web Filter Profile, each with its Policy and content filter.
I created a Policy called Restriction and in it I put the Internet_Restriction group, I created another Policy called Full and in it I put the Internet_Full group.
Well, in the Firewall rules releasing http, https, smtp, pop3, etc, I put as source the Net_Internal and the two groups of the domain.
The navigation usually happens, but when following the Live Log, I see the users of the domain and their respective group, however the UTM applies the Web Content Filter Default to all, does not apply the content filter that I created for each group.
How can I do to fix this? I need each user to navigate transparently, using their respective Web Filter Profile and Conten Filter.
In both profiles, I set the setting to Transparent Mode, SSO Active Directory.

I thank you all !

 



This thread was automatically locked due to age.
Parents
  • Hi, Ivanildo, and welcome to the UTM Community!

    The only thing that determines which Profile is used is the IP address of the requester.  Since both Profiles are Transparent and for the same subnet, the one that comes second will never be used.

    First, compare your setup to Configuring HTTP/S proxy access with AD SSO.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hi, Ivanildo, and welcome to the UTM Community!

    The only thing that determines which Profile is used is the IP address of the requester.  Since both Profiles are Transparent and for the same subnet, the one that comes second will never be used.

    First, compare your setup to Configuring HTTP/S proxy access with AD SSO.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children