Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Traffic Rules - AND in source conditions (Is it possible to add to conditionts that BOTH of them shold be TRUE)
  •  
xaaru

Messages: 14
Karma: 0
Send a private message to this user
Hello
i want to add the traffic rule:

Source: 10.10.10.100
AND
User: user1

so that rule will apply if both conditions are TRUE

if i just add the rule like
Source: 10.10.10.100
User: user1

it will apply to all users from IP 10.10.10.100 and if user1 goes from ANY IP

is there's a way to verify both conditions?

[Updated on: Wed, 29 May 2013 09:54]

  •  
xaaru

Messages: 14
Karma: 0
Send a private message to this user
It's OR default for rules now:
Source: 10.10.10.100
User: user1

is equal to

Source: 10.10.10.100
OR
User: user1
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
What is your complete rule? Maybe it can be formed another way without the need for an AND operator on Source.

It is unlikely, but is worth a try.
  •  
xaaru

Messages: 14
Karma: 0
Send a private message to this user
ok the problem is:
we have a network and users. Smile
there are a different types of access to network for different users:
1 internet
2 local subnet 1
3 local subnet 2
4 terminal server
---
so - different users should have access to subnets 1 2 3 4.
and the access from (4) is different too.

so the problem is that i can authentificate user on his laptol and grant him access to 1 and 4. Then users opens RDP connection to Terminal Server - and he shoul have diffeent accees from TS, rather he has from his laptop

so the rules are:
User1 AND IP_of_TS -> allow subnets 2 & 3
IP_of_TS -> deny all
User1 -> Allow 1 and 4


of course there's another way, without AND, but if i have AND function - the system will be much more flexible
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
Yeah, tricky problem. I'm not seeing any way around it using that current configuration.

My only thoughts are:

1. Establish multiple Terminal Servers that are granted access to the network. Users are forced to the Terminal Server that has their privileges.
2. Consider using VPNs.
3. Consider using 2 Kerio Control devices to get the "AND" capability.

I know that isn't what you wanted to hear and probably thought of them yourself.

I'd highly suggest using the "Suggest Idea" button on the Control Dashboard.
  •  
xaaru

Messages: 14
Karma: 0
Send a private message to this user
Thank you silars

the only way is to ask Kerio about AND function
because other options will cost additional money and working hours)
Previous Topic: cannot watch live videos
Next Topic: LAN switch - trunk port & vlans
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Oct 23 22:37:21 CEST 2017

Total time taken to generate the page: 0.00476 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.