Solved

SonicWall TZ210-firewall - configure firewall and block internet access for certain pc's

Posted on 2011-02-22
9
3,505 Views
Last Modified: 2012-05-11
SonicWall TZ210-firewall - configure firewall and block internet access for certain pc's
0
Comment
Question by:teju27
9 Comments
 

Author Comment

by:teju27
ID: 34951933
hai i want SonicWall TZ210-firewall - configure firewall and block internet access for certain pc's ?
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 34952233
0
 
LVL 33

Accepted Solution

by:
digitap earned 250 total points
ID: 34952994
you can either create a LAN > WAN rule on the sonicwall under firewall > access rules to block by IP or by MAC address.  if you do by IP, then you'll want to set them as static IP or DHCP reservation on your DHCP server.  i'd think it would be easier to do it by MAC.  create an address object under Network > Address Objects for the LAN zone and choose MAC as the type.  then, create the firewall rule choosing the new address object as the source and ANY for destination and service.  if you have more than one, then you should create a address group then an address object for each device.  add the objects to the group and use the group in the firewall rule as the source.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 6

Assisted Solution

by:theonlyallan
theonlyallan earned 250 total points
ID: 34953032
You should first create a Group, and add all the MAC addresses of the PCs to this Group.

You should then create a Group and add all the ports / services you want to block: ie: HTTP Port80, Https, FTP, Telnet, etc..

Then create a firewall rule  LAN > WAN that will block  the groups that you have just created.

If you have an active subscription service, you can enable Application Firewall, which will do the same thing for you.
0
 
LVL 33

Expert Comment

by:digitap
ID: 34953213
@theonlyallan :: cool...thanks for confirming my steps.  do you read what other experts post?
0
 
LVL 33

Expert Comment

by:digitap
ID: 35214814
the author indicated the solution is not clear. after reviewing, i see that a combination of my solution, http:#a34952994, and theonlyallan's solution, http:#a34953032, provides all the steps necessary to do what the author's is trying to accomplish.

my recommendation is to select those two solutions as the new disposition for this question. otherwise, Deleted.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35215021
I was surprised to get rewarded seeing the other comments. So I go with digitap on this one with one addition: digitap: solution (80%), theonlyallan: assisted (20%)
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

How to configure Site to Site VPN on a Cisco ASA.     (version: 1.1 - updated August 6, 2009) Index          [Preface]   1.    [Introduction]   2.    [The situation]   3.    [Getting started]   4.    [Interesting traffic]   5.    [NAT0]   6.…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now