Created on 06-14-2010 03:15 PM
I have a user here who I' d like to block their internet access completely. I see where I can block and filter specific sites, but I don' t see how I can block access to one specific user.Ok, How do you identify that user univoquely in your network?
In a perfect world I' d really like to allow this user only access to certain sites and block all else,ok, your perfect world is a few commands ahead.
but I think that may be outside the capabilities of the 60B that I have.not at all; you need a way to identify users with no ambiguity and apply appropiate policies Did you implement one in your network?
regards
/ Abel
Thanks for the reply. Our network is using Active Directory, so all users are identified by a unique username.you' re welcome; ok, then FSAE is the easier wway to go; check following links to get a picture: http://docs.fortinet.com/fgt/archives/3.0/techdocs/FSAE_Administration_Guide_01-30007-0373-20080718.pdf http://docs.fortinet.com/ifos.html http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30081 http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD31819
I' m not that good with firewall setups, but I' ll add that our VPN users are enabled/disabled through their AD account and the Fortigate is using what I think is a RADIUS service to authenticate the VPN users.Maybe you' ve a back integration between your radius and your AD to do that; if that' s working properly you could also use it for authenticate firewall policies But if you choose for FSAE usage, you could also use it for VPNs. check http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD31873 regards
regards
/ Abel
Created on 06-21-2010 10:55 AM
User | Count |
---|---|
2674 | |
1410 | |
810 | |
702 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.