I have a rule that blocks internet connection for a certain group of users (let's say X) by blocking ports 80 and 443 (https).
Port 80 works for this rule but https does not.
I do not want to block the https port at the firewall because my users in other groups have to access https sites.
Is there any way to block https sites for just one group of users (X) without interfering with other rules?
Note: I have a block list for ruleset X too, but it does not work for https.
First of all, I would ensure that HTTPS traffic is really going through MWG. In the proxy settings in the browser (assuming you are using explicit proxy) it is possible to configure a proxy for HTTP and not use a proxy for HTTPS. In this case HTTPS requests will not reach MWG and cannot be blocked.
Apart from that can you maybe share a screenshot of how your rule(s) look? Maybe there is an error somewhere we can correct. Also, are you using SSL Scanner?
I have other user groups for internet access in WGW that access https sites, which I allow on purpose.
I have only one group of users whose https access I need to block.
Yes, I have SSL Scanner and am using it.
I have a certificate verification rule in it for some sites such as youtube, facebook...
For my Blocked rule:
Block Everything For Others
URL.Port is in list Block 80_443
In "Block 80_443", my 80 and 443 ports are listed.
I also have a Block Social Network rule for this group, where I have added the list of social media by typing with *
I have solved most of the problem. Right now Group X cannot access https web sites except the ones in SSL Scanner. When I put header criteria to exclude group X in here, it does not work because my cookie auth. ruleset comes after the SSL Scanner ruleset. So it does not pick up the user group from AD at SSL Scanner.
I have picked facebook as a test page to improve my https blocking rule for Group X.
I have removed facebook URLs and IP blocks from my SSL scanner list. Right now Group X cannot access https://facebook.com whatsoever using a regular PC.
Is there anyone with an answer as to why blocking facebook with https works on Chrome and Mozilla but not on IE?