We use MWG by AD group, where people in a specific group only get access to the categories designated for that group.
Now we have to add a rule where all traffic coming from specific IP subnets (possibly single IPs also) get filtered as if they were in the group, for example High Restriction group. It has access to Real Estate. So the IPs should only be able to get to Real Estate.
What I have so far is:
Client.IP - is in range list - Don't Authenticate Client.IP List
URL.Categories - none in list - Restrict High
No matter which I choose (none in list, contains, at least one in list, etc.) never seems to work. The Client.IP part works and doesn't authenticate, but it never filters by the categories in the Restrict High list and I can't figure out why. Any suggestions?
Wow, so this is always one of the first troubleshooting steps I do. I did it again just to make sure I didn't miss anything and sure enough, my IP address was added to the rule I cloned which is right before this rule, so I was hitting that first rule and it never made it to the second. Once again, a second set of eyes is always a good thing.