Internet Block
Hello everybody.
I need help with the firewall. This is very simple but I couldn't do it.
In one of my locations, one client connects to the internet. I want to block his internet with SEP.
We have an ADSL modem there and its IP address is 10.0.19.19. This client is on the same switch as this modem, therefore he can connect to the internet.
I did it like this but it doesn't work.
In the firewall I created a new rule.
I chose Network service, chose all services, changed the application to iexplorer.exe and chose the action block.
It doesn't work.
Then I made another rule like this:
Create new rule
Choose host, address type is IP address and the IP address is 10.0.19.19, and the action is block.
When I did this, the user cannot ping 10.0.19.19 but he can still connect to the internet.
At last I created another rule.
Choose host, choose domain and write there:
*.*.com
*.*.com.tr
*.*.net
*.*.biz
etc.
But I couldn't try this rule yet.
I think there must be another simple rule for this problem.
What should I do?
Thank you so much.
Have a nice day.
Comments
Hi
Check if Network Threat Protection is installed on the client (I know it's stupid but it's always good to check :) )
Check if you have placed the rule at the top of the rules list in the Firewall policy.
Make sure that the client got the policy.
Can you confirm and let me know, so that we can go further :)
Good Day
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
You made one error in your rule: if you added iexplorer.exe to be blocked, it should be iexplore.exe, which is not the same. Check again that you wrote the correct application. However, this method of blocking the user from the internet is not very good, since there are many other ways to access the internet if you block only one application.
Well... I found the following related forums and articles, which should be able to resolve the issue. Please go through them.
https://www-secure.symantec.com/connect/forums/dns-domain-firewall-rules-not-blocking-traffic
https://www-secure.symantec.com/connect/forums/block-website-through-firewall
How to Restrict Users to Specific Web Sites by Creating Firewall Rules for Managed Clients
http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/6e23ee65720a6667ca25754d001a0b2b?OpenDocument
Symantec Endpoint Protection 11.0 Network Threat Protection (Firewall) Overview and Best Practices White Paper
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007121714495348
Inviting good karma to CPU...0xal0ne
answers :)
@maximilian
Hello. I wrote it wrong. I understood what you mean. I blocked iexplore.exe, not explorer.exe :) If I blocked explorer.exe he could not see his desktop.
Yes, you are exactly right. He can use Firefox, Google etc., but it is enough for me now.
@Rafeeq
Hello. Yes, you are right. I checked that Network Threat Protection is installed on his machine. On the SEP manager I saw the firewall is enabled too.
My firewall rule is on the top.
I am sure the client has got the policy too.
There must be another simple way :(
Everything works better when everything works together.
@0xal0ne0
Thank you for the reply, but I know how to block a web site. I want to block all internet traffic.
Maybe I should close port 80, but I don't know how to block port 80 with a firewall rule.
Everything works better when everything works together.
Go through this forum... it's on 'blocking ports'
https://www-secure.symantec.com/connect/forums/need-help-configuring-firewall-ports-sepm-11
An example rule to block Web traffic:
Application = Any [so that it would be applicable for all apps, and not just iexplore or firefox]
Service = HTTP/HTTPS
Action = Block
Adapter = all
Host = the IP of the host
You can specify the port or service to block under 'SERVICE' in the Firewall rules...
Typically, specific types of services occur on specific ports. For example, Web traffic (HTTP and HTTPS) generally occurs on ports 80 and 443. The Service list enables you to group multiple ports together.
You can select a service from the list, or you can define additional services. You can add any of the following ports and protocols:
You can apply the rule to inbound network traffic, outbound network traffic, or network traffic in both directions.
source: http://service1.symantec.com/SUPPORT/ent-security....
Inviting good karma to CPU...0xal0ne
In the top rule of the firewall policy to be applied, add the service section and check HTTP (TCP 80 and 443), with the action being block.
By doing this the client machine (the policy applied for the group) will not connect to ports 80 and 443 (remote).
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
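Why the three rules tried in this thread behave differently, as an added example that is not part of any post above and is not Symantec's rule engine: a simplified first-match model in Python. Routed packets carry the remote server's address rather than the modem's, so a host rule for 10.0.19.19 only matches traffic addressed to the modem itself. The sample connections, the 203.0.113.10 address and the default-allow fallthrough are constructed assumptions.

```python
# Added illustration: a simplified first-match model of a host firewall,
# not Symantec Endpoint Protection's actual rule engine.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

MODEM = "10.0.19.19"  # ADSL modem / default gateway from the thread


@dataclass
class Conn:
    app: str          # process opening the connection
    remote_ip: str    # destination IP written in the packet header
    remote_port: int  # destination TCP port


@dataclass
class Rule:
    name: str
    app: Optional[str] = None      # None matches any application
    remote: Optional[str] = None   # None matches any host (IP or CIDR)
    ports: Optional[tuple] = None  # None matches any service
    action: str = "block"

    def matches(self, c: Conn) -> bool:
        return ((self.app is None or self.app.lower() == c.app.lower())
                and (self.remote is None
                     or ip_address(c.remote_ip) in ip_network(self.remote))
                and (self.ports is None or c.remote_port in self.ports))


def evaluate(rules, c: Conn) -> str:
    """Return the action of the first matching rule (assumed: allow if none)."""
    for r in rules:
        if r.matches(c):
            return r.action
    return "allow"


# The approaches discussed in the thread, each as a one-rule policy.
BY_APP = [Rule("block IE", app="iexplore.exe")]
BY_GATEWAY = [Rule("block modem", remote=MODEM)]
BY_SERVICE = [Rule("block web", ports=(80, 443))]

# Constructed sample traffic; 203.0.113.10 is a documentation address.
IE_WEB = Conn("iexplore.exe", "203.0.113.10", 80)
FF_WEB = Conn("firefox.exe", "203.0.113.10", 443)
TO_MODEM = Conn("firefox.exe", MODEM, 80)  # addressed to the modem itself
```

Placing an allow-all rule above `BY_SERVICE` makes `evaluate` return `allow` for both web connections, which is why the replies ask whether the block rule sits at the top of the list.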
I'll try
Hi everybody. The client computer has a problem right now and I cannot connect to it. When I fix this problem I will try and answer here.
Thank you
Everything works better when everything works together.
Well... hope your SEPM is not installed on port 80 :-)