Solved

Watchguard x750 - http proxy policy - block EXE, but add exception

Posted on 2014-01-22
4
377 Views
Last Modified: 2014-10-21
I have an x750 and am blocking EXEs among other file types. All of our coprporate internet traffic goes out the x750.  I have a technician working in another office that would like to be able to download drivers & applications when needed, but can't.

Is there any type of override? Similar to the one in web blocker, that would prompt for a PW and allow a temporary override?

Thanks,

E.D.
0
Comment
Question by:edalzell
4 Comments
 
LVL 6

Accepted Solution

by:
Jon Snyderman earned 500 total points
ID: 39800537
Yes.   Create a firebox user (same as how you would create a local VPN user) for this person.  Then create looser rules from that user to Any-External.   They can log in using http://{firewall ip address}:4100 and then they will be processed through the new rule.  

This is really basic and forgive me if your network is more complex.  All of this can be done with AD or AD single sign on or LDAP, etc.   But assuming a pretty standard setup, the above steps should work.  If you need more details or your network is more complex, just give us the details and we can provide more instructions.

~Jon
0
 

Author Comment

by:edalzell
ID: 39801267
Thanks Jon, I'll try it and report back!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Class Map is not matching traffic on Global Policy??? 2 52
Unblock IP Address in Sonicwall 3 90
DHCP lease issue ? 8 95
Firewall attack 16 185
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question