Redirecting Restricted Users or Websites

[roadrunner]

Redirecting Restricted Users or Websites
If you want to restrict some IPs from accessing websites at all, set up a rule like this where the "matchall" resource used below is set up per LogWebandFTPFiles. In the "Replacement URL" field, put in the URL that they should be redirected to.

Source Destination Service Action Track
restricted-hosts any http->matchall Reject Long


To restrict access to certain sites only, you can do one of two things:


Create a resource that matches the sites you don't want to allow access to. Use this resource in a rule as shown above.
Create a resource that matches the sites you want to allow access to. If you wish to then redirect them to a policy page if they access a page they are not allowed to, use the "matchall" resource and set the replacement URL accordingly. Should you wish to allow them access to only the sites matched by the resource "allowedsites" and deny access to everything else (via a "matchall" resource), the rules would look like this:
Source Destination Service Action Track
internal-users any http->allowedsites Accept Long
internal-users any http->matchall Reject Long


Note: If you are using this in conjunction with User Authentication and a user is "redirected" to a policy page, they will get FireWall?-1's Authentication Failed page with a link to the "redirected" page.

-- PhoneBoy - 30 Dec 2003


FAQForm
FAQs.Class: AuthenticationFAQs
OperatingSystem?:
FAQs.Version: