Blocking outgoing internet for one PC on Firebox 1000

I need to block the internet for 1 PC on the network while all others have full access. I am currently running version 7.4. How would I go about setting this up?
LVL 1
knada242Asked:
Who is Participating?
 
NetAdmin2436Commented:
If you haven't tried them before, I have often found the watchguard forums to be quite good.  
http://www.watchguard.com/forum/

Watchguards are some what of a specific product and they have tech support people answering questions in there.  
0
 
NetAdmin2436Commented:
Are you running WFS? or Fireware Pro?

I run fireware pro, and I believe you just create a new policy (http) and set it to deny. Then add the IP address of the victim, or host name. Of course if you go with the IP address you'd have to make sure to set a static IP address on the victim's computer. Or make sure that DHCP always gives that address, and making sure the user can't change the IP address.

Unfortunately I think your using WFS and i haven't used that in a while but the theory should be the same.

I hope this helps
0
 
knada242Author Commented:
I am running WFS. I tried to setup a HTTP policy set to ignore port 80, and 443, then set enabled and denied for the from outgoing IP. Unfortunately the host was still able to communicate with the web. A static IP has been set on the host. I will also post this on their forum as well.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
NetAdmin2436Commented:
Oh, how do you have the policies ordered? (from top to bottom) The rules on top, get processed first...the ones at the bottom get processed last. So, make sure you put the new rule for your user near the top or at least ahead of your normal http policy, so it get's processed before your normal http rule.
0
 
dpk_walCommented:
As you have static IP and have configured HTTP Service as:
Outgoing "Enabled and Denied"; from: private IP of machine; to: Any

This would block all outbound HTTP traffic from that host. Enable logging on the service for both denied and allowed inbound/outbound traffic so you see logs in the traffic monitor. Also, enable logging on all HTTP service you have and outgoing service to see if the traffic is escaping out of any other service.

Please update on the version of WSM/WFS that you have.

Please check and update.

Thank you.
0
 
NetAdmin2436Commented:
I'm glad you were able to get an answer, whether on EE or the watchguard forum. Thanks for closing this question and awarding points.


Thanks
NetAdmin2436
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.