I have to use FTP connection through my MWG 220.127.116.11. Here in my office I have two appliances running MWG 18.104.22.168 and both are configured as Proxy HA and clustered.
FTP connection here is not allowed for everyone. Some people got access through authorization. So I want to make this filter on MWG.
For example, I want to authorize some ftp hosts only. Not all the traffic through ftp protocol.
Is there anyway to make this? Authorize only ftp hosts that I want and block all of the others?
Sorry for my English.. There's a long time that I don't write anything in English...
Thank you all!
you could use some properties to set this up. Connection.Protocol and Authentication.Username oder Authentication.Usergroups may be a good start.
You can add a rule like this:
Connection.Protocol equals "FTP" and Authentication.Usergroups does not contain "FTP-Users" -> Block
In this case all FTP connections made by users who are not part of the "FTP-Users" domain group are blocked.
Instead of groups you can use user names or IP addresses, and combine it with the "Connection.Protocol" to avoid all traffic is blocked for them.
I hope this gives you an idea how to start.