Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Content filter: source AND (Allow user only from interface X)
  •  
DBALEX

Messages: 5
Karma: 0
Send a private message to this user
Hi,

I upgraded to Kerio Control 8.3 and with the introduction of the new Content Filter I miss a used feature.

in the past I had a rule that let user A make a login and surf the internet ONLY if he was doing that from interface 10.0.99.X
If that user A wanted to login from interface 10.0.1.X he could not surf the internet.

Now with the new Content Filter I can't do such a thing because the item to specify the required interface is gone.
When I add the user and the interface into the source colomn it's OR and not AND.

Is there any way to re-accomplish this like it was before the new Content Filter because we really need this functionality before the school starts again.

Kind regards,
DB School Gent
  •  
Vicky Tripp (Kerio)

Messages: 644

Karma: 81
Send a private message to this user
Hi Alex,

Sadly there is not a way to make the newer versions of Kerio Control revert back to using the 'And' statement. You can list a feature request via the 'Suggest Idea' button in the Web Admin to try and get this feature placed back into the product.

All the best,
Vicky

Vicky Tripp
Kerio Technical Support Engineer
  •  
DBALEX

Messages: 5
Karma: 0
Send a private message to this user
Hi Vicky,

Thank you for the answer. I did already a suggestion to bring it back.

I taught about a workaround but I don't know if it can work.

If I make a Traffic Rule with the source my user A and the destination the 10.0.99.X Interface and set the rule to DENY.....

should it be possible then that user B can surf from 10.0.99.X but user A not ??
If this is the case my problem is temporary solved with this workaround.

Kind Regards,
DB School Gent


  •  
Vicky Tripp (Kerio)

Messages: 644

Karma: 81
Send a private message to this user
Hi Alex,

All that rule would do is stop user A from accessing internal IP addresses and that might include the gateway if the gateway on the machine they are using is 10.0.99.X. If you need User A to only be able to access the internet then you could create 2 rules. One to allow them access to the internet interfaces/firewall and another rule to block all other traffic for that user.

Give that a try and see if that gives you the wanted behavior.

All the best,
Vicky

Vicky Tripp
Kerio Technical Support Engineer
  •  
DBALEX

Messages: 5
Karma: 0
Send a private message to this user
Hi Vicky,

User A must be blocked all access (intern addresses, gateway and internet) if logged in from 10.0.99.X, including the gateway that is also on 10.0.99.X net.
So using this rule should be working. I will test it this weekend.

Thank you for the quick response.

  •  
Vicky Tripp (Kerio)

Messages: 644

Karma: 81
Send a private message to this user
Hi Alex,

No problem, feel free to raise a support ticket should you need us to look at your config and give you a bit more in depth help.

All the best,
Vicky

Vicky Tripp
Kerio Technical Support Engineer
Previous Topic: separate lan and internet usage for quota
Next Topic: Hotels and VPN
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Mar 23 05:18:57 CET 2017

Total time taken to generate the page: 0.01130 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.