Hi,
I am in the process of migrating our company's existing Firewall to a Sophos UTM and I would like to take advantage of the Webserver protection module to protect our internet-facing web servers, but have hit a wall with one particular part of our setup.
In our existing setup we use an IP whitelist to control which IP addresses can access which servers, and to simplify it we have a hierarchical structure. That is, we have an address object used in the firewall rule which contains other address groups or individual IP addresses. This makes modifying the whitelist easier, as we just add or remove items from the top-level object to control access.
When setting up a test in the UTM I can see that there is an "Access Control" option under site path routing with 2 sections for "Allowed" and "Denied" networks. This looks like the place to add the whitelist, but I cannot add group objects here, only IP or network objects. Is there any way around this? If not under this section, is there somewhere else I can use my groups to control access rather than having to list every IP address?
Thanks in advance
Andrew