Dear community,
I'm woking in a company where20 users use a same windows account named : "call"
Is there a way to restrict internet access to this user only with fortigate?
https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/13383/creating-a-web-filter-profile
I have found that but it filter for each users and I need to restrict only this Windows user named "call"
KR
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
You can use this article for ad link to fortigate firewall:
If you want only google searches you can create one webfilter profile block all categories and in the same webfilter profile >> create url filter >> static >> *google.com*>>type:wild card>>action exempt>>enable
Then select the created web filter profile in the specific firewall policy.
Please check if its working or not
Hi Team,
If i am not wrong, you want to block the "call" user irrespective of ip address from which he has logged in?
Please confirm
If so, you can create firewall policy on top, with source to destination "deny", with source as specific ip address of machines and username "call" and destination as "all"
I wanted to know how you are authenticating those users ? how the firewall will recongnize that user?
If you give firewall policy as i mentioned, captive portal page will be shown for all those users, user has to give username firewall will identify that user in it database or you can configure ldap for captive portal authentication :
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Captive-portal-and-LDAP-authentication/ta-...
If i am not wrong, you want to block the "call" user irrespective of ip address from which he has logged in?
Yes exactly.
But this user "call" needs to have some internet access like simple google researches etc.
How to link my AD users with fortigate ?
You can use this article for ad link to fortigate firewall:
If you want only google searches you can create one webfilter profile block all categories and in the same webfilter profile >> create url filter >> static >> *google.com*>>type:wild card>>action exempt>>enable
Then select the created web filter profile in the specific firewall policy.
Please check if its working or not
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.