05-10-2016 12:30 PM
Is there any way to restrict a certain user to only a few websites?
There is URL filtering but I believe that is global and I wanted for only one user
05-10-2016 12:50 PM
Thanks for your response, when I create the URL filtering profile only allows me to include the URLs I want to allow/block, there is no particular section where I can select a user. Please correct me or guide me if I'm wrong
05-10-2016 01:02 PM
You will need to define a security rule under the Policies tab. This rule should match on source=user action=allow and attach the URL filtering profile to this rule. Make sure this new rule is positioned above any rule that may match on the user.
Thanks,
05-10-2016 01:25 PM
Ok thanks. So when I create new security policy, I go to the users tab and there's only one user list for all users. I'm guessing I can manually type the domain/userID here.
Just to confirm, I would create a new URL Filtering profile, allow the URLs I need to allow. Then create a new security profile (and position is #1 probably), the rule would be source (LAN zone), user (manuallty type a username), URL category I created and apply it.
Hoping that's it
05-10-2016 01:38 PM
@MohammedL wrote:
Ok thanks. So when I create new security policy, I go to the users tab and there's only one user list for all users. I'm guessing I can manually type the domain/userID here.
- Yes, assuming userID is setup & working you should see listing of users and you can choose the user from the dropdown. You shouldn't have to manually type in the userID. Otherwise, you will use source_address=IP_of_user to match.
Just to confirm, I would create a new URL Filtering profile, allow the URLs I need to allow. Then create a new security profile (and position is #1 probably), the rule would be source (LAN zone), user (manuallty type a username), URL category I created and apply it.
In the security rule, you need to select the URL profile from the Profile Setting:
Hoping that's it
05-10-2016 03:30 PM
Thanks again. The usernames aren't setup, I only see a 'all user list', in that case like you said source IP, would that also be entered in the source tab?
Thanks.
05-11-2016 12:42 AM
you'll first need to configure UserID which will then populate your list of available users
please read this article to help you set that up: Getting Started: User-ID
05-11-2016 06:59 AM
Yes, the source tab will let you define the IP address for the source user, i.e 192.168.5.5.
05-11-2016 07:29 AM
Ok I'm sorry to ask you again.. Do I have to necessarily create an object for that one IP address or can I once manually type the IP there?
05-11-2016 07:35 AM
I would create a new address object.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
