Solved

Sonicwall TZ205 CFS bypass

Posted on 2014-12-10
4
343 Views
Last Modified: 2015-02-13
Hi, we have a new Sonicwall TZ205 with the CFS subscription activated.  Our office consists of 10 people using the Sonicwall as a Router/Firewall with DHCP/DNS.  We have no servers.  I have configured the CFS with the basic settings confirmed it is working and blocking specific sites.

I have one computer that I want to be able to bypass the CFS.

Is there a way to bypass the CFS by using the MAC address of one computer?  If so, how can I accomplish?  I have already created an Address Object for the MAC address of the computer and an Address Group to include this Address Object.

Any help would be appreciated, thanks in advance,
0
Comment
Question by:eloredo
  • 2
4 Comments
 
LVL 13

Accepted Solution

by:
Greg Hejl earned 250 total points
ID: 40493084
https://support.software.dell.com/kb/sw6617

OverView:

IP address ranges can be manually added to or deleted from the CFS Exclusion List. Content filtering is disabled for IP addresses in the CFS Exclusion List. These address ranges are treated as trusted domains. Select Enable CFS Exclusion List to enable this feature.
 
 
Click To See Full Image.

The Do not bypass CFS blocking for the administrator checkbox controls content filtering for administrators. By default, when the administrator (“admin” user) is logged into the SonicOS management interface from a system, CFS blocking is suspended for that system’s IP address for the duration of the authenticated session. If you prefer to provide content filtering and apply CFS policies to the IP address of the administrator’s system, select the Do not bypass CFS blocking for the administrator checkbox.

Procedure:

To add a range of IP addresses to the CFS Exclusion List, follow these steps:

Step 1 Login to the SonicWALL Management Interface
Step 2 Go to Security Services > Content Filter
Step 3 Select the Enable CFS Exclusion List checkbox.
Step 4 Click Add. The Add CFS Range Entry window is displayed.
Step 5 Enter the first IP address in the range in the IP Address From: field and the last address in the IP Address To: field.

 
Click To See Full Image.


Step 6 Click OK.
Step 7 Click Accept on the Security Services > Content Filter page. The IP address range is added to the CFS Exclusion List.

Modifying or Temporarily Disabling the CFS Exclusion List

To modify or temporarily disable the CFS Exclusion List:

Step 1 To keep the CFS Exclusion List entries but temporarily allow content filtering to be applied to these IP addresses, uncheck the Enable CFS Exclusion List checkbox.
Step 2 To edit a trusted domain entry, click the Edit icon.
Step 3 To delete an individual trusted domain, click on the Delete icon for the entry.
Step 4 To delete all trusted domains, click Delete All.

Source: SonicOS Enhanced 5.1 Administrator Guide
0
 
LVL 20

Assisted Solution

by:carlmd
carlmd earned 250 total points
ID: 40493488
0
 

Author Comment

by:eloredo
ID: 40496969
Thanks for the info provided so far, looks like what I am looking for.  Unfortunately, I am away from that office and sonicwall for a few days but will attempt the recommended setups and confirm next week.

Thanks again.
0
 

Author Comment

by:eloredo
ID: 40531811
Just got back form vacation and need to coordinate this setup with the client this week and will respond with result.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now