• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 984
  • Last Modified:

How do I configure access rules to block traffic on certain computers?

I've been trying to configure my SonicWall to block web traffic (port 80) on a few computers but without success.  I am trying to tell my firewall to block traffic going to certain MAC address.  So I created the address object using the MAC address of a particular computer .  Then I went to the "access rules" section under "firewall" and created the rule denying HTTP from the WAN side to the LAN side on the address object I created.  No luck.  It seems like I did everything correct.  Is there something that I am missing here?  Thanks.
0
RyanRae
Asked:
RyanRae
  • 4
2 Solutions
 
Syed_M_UsmanCommented:
what model of Sonicwall are you using?
there are many ways to do this, IP base, Mac base and AD base. but first let me know what are you using.
0
 
TolomirAdministratorCommented:
well traffic always starts at the client not the server.

how about block traffic to port 80 from lan (mac address) to wan?
0
 
Syed_M_UsmanCommented:
one more thing i want add is by default all traffic from WAN----> LAN is denied, yuo dont have to enable anything.
but lets say you want to block one external website ie( www.abc.com) for mac. you have to apply rule from lan to wan, not wan to lan.
 
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
Syed_M_UsmanCommented:
if you are using sonicwall with enhance version you can do as follows;

1) create gouop,
2) add ip range or host in group
3) fo to firewall----> access rules---->add

from zone LAN to WAN------ service Http----- source (mac-clients-group)----destination(any or custom)---add
 
0
 
Syed_M_UsmanCommented:
sorry i want to correct my post;

from zone LAN to WAN------ service Http----- source (clients-group)----destination(any or custom)---add
     
0
 
RyanRaeAuthor Commented:
Thanks guys.  Going from LAN to WAN did the trick :D
0

Featured Post

How to change the world, one degree at a time.

By embracing technology, we can solve even the biggest problems—including the gender gap.  By earning a degree from WGU, you have an opportunity to gain the knowledge, credentials, and experience it takes to thrive in today’s high-growth IT industry.

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now