Solved

SONICWALL NSA 4500 exclusion list

Posted on 2010-08-13
8
1,174 Views
Last Modified: 2013-11-05
Hello i have a little issue, the director has requested that he has access to facebook while the whole company is blocked, if i add him to the cfs exclusion list i am allowing him accesss to everything and that potentially can be dangerous. Is there a way to allow him access to just facebook? on this firewall? thanks
0
Comment
Question by:Anda09
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 4

Expert Comment

by:nasirsh
ID: 33428624
You can just allow him to the IP address of facebook. Use nslookup to check the IP address and go ahead.
0
 

Author Comment

by:Anda09
ID: 33429119
Where does the IP address go? firewall? or how? didnt really understood where do i put the IP address of facebook?
0
 
LVL 4

Expert Comment

by:nasirsh
ID: 33429181
On the Firewall > Access Rules page. In the Add Rule page in the General tab, select Allow | Deny | Discard from the Action list to permit or block IP traffic. From here you can select the source and the destination and allow your director's IP to access the IP of Facebook
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
LVL 33

Assisted Solution

by:digitap
digitap earned 500 total points
ID: 33429642
adding to nasirsh's comment, you can create an address object that is the diretor's mac address.  this way you don't have to worry about static IPs etc.
0
 

Author Comment

by:Anda09
ID: 33429975
Well dont really understand all the rules and which to pick and which options to choose, anyone can guide me through or maybe there is a tutorial online that you know off? would be great... Thanks guys
0
 
LVL 4

Expert Comment

by:nasirsh
ID: 33430230
0
 
LVL 33

Accepted Solution

by:
digitap earned 500 total points
ID: 33430664
go to Firewall > Access Rules.  It should default to the Matrix view.  If not, that's the easiest way to filter out ONLY what you want.  In Matrix view, you'll see zones accross the top and left hand side.  Click the corresponding LAN > WAN intersection.  LAN being the left and WAN being the top of the matrix.  If you've run the public server wizard or manually created a rule, then you'll see it here.  If not, then you'll need to add a new rule.  You'll need to create an address object representing the facebook IP addresses.  You might have to create multiple address objects and an address group.  The source would be an address object representing the mac address of the user.  You can leave service any and specify the interface of the WAN, X1.  When you create the rule, you'll get the chance to create an address object.  The add wizard will not let you create multiple object and address group.  You have to got to Network > Address Object to do that.  Then, you can create the firewall rule.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33433592
thanks for the points!
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA 5506 5 84
l2tp tunnel from pc to router 14 117
Upgrading from Sonicwall Tz210 6 56
Ping in Fortigate 2 60
In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question