Firewall Client Machines and URL Restriction.

  • From: "William T. Holmes" <wtholmes@xxxxxxxxxxxxxx>
  • To: "ISAserver.org Discussion List" <isalist@xxxxxxxxxxxxx>
  • Date: Sun, 30 Oct 2005 16:13:29 -0500

Hello,

To begin with I have never really looked much at the firewall client. I
have a couple of machines that I have configured for my children and I
would like to create a restricted list of websites that they can go to
when they log on.

I want a "mixed" network in which I have Secure NAT clients (already
have these) and some hosts with Firewall clients.

When someone logs onto a Firewall Client machine I should be able to
apply Firewall rules based on that person's identity correct?

What I would like to do is have the firewall clients restricted to a
specific set of Protocols and Sites (based on a URL set).

However when I create such a rule and include a user set it blocks all
systems regardless of who is logged on. Unless I am mistaken a Secure
NAT Client is always anonymous to the firewall correct?

I have also noted in my firewall logs that when one of the Firewall
Client Machines browses the network that no usernames are displayed in
the log entries. I thought this would be a "side effect" of having a
firewall client machine. The client username is always being set to
anonymous. 

Again what I would like to achieve is:

Have Secure NAT clients remain unaffected.

Have Firewall Clients gain internet access based on their active
directory group membership.


Thanks for any insight

Bill
 






