Blocking Personal Gmail account and allow G-suite only

Bhavin_Naik

Hello can anyone suggest what is the best practice to do this?

KaranM

Hello @Bhavin_Naik,

Please follow https://www.sonicwall.com/support/knowledge-base/how-to-inject-a-custom-http-https-header-into-traffic-with-cfs-4-0-6-5-1-0-above/180411155114824/.

• Under the Domain, please select Google G Suite Restrict.
• Under the Key, please select X-GoogApps-Allowed-Domains (usually auto-populates).
•  Value: Enter the custom domain that you would like to allow.

Note: DPI SSL is required for this

Thank You

Nevyaditha

Hi @Bhavin_Naik ,

The requirement to block the personal Gmail accounts and allow only the Gmail accounts for the Company is acheivable on the latest version of the Sonic OS i.e 6.5.1.0 and above.

For this configuration primarily you need the DPI-SSL on the Sonicwall to be enabled and the certificate from the firewall needs to be installed on the local machines accordingly as per your the scenario on which you need to block the personal gmail accounts.

Follow the KB for the DPI_SSL as mentioned below:

https://www.sonicwall.com/support/knowledge-base/how-can-i-configure-client-dpi-ssl/170505885674291/

Followed by the steps listed above you need to make changes as suggested on the KB below for the concerned CFS policy :

https://www.sonicwall.com/support/knowledge-base/how-to-inject-a-custom-http-https-header-into-traffic-with-cfs-4-0-6-5-1-0-above/180411155114824/

Please ensure while testing check the certificate on the browser is pointing to the Sonicwall DPI_SSL and also DPI-SSL is enforced on the zone or for the IP address that you are using for testing.

Thanks

Nevyaditha P

AJPixelbox

I'm hoping someone sees this. I am trying to accomplish this but the accounts were trying to block are personal accounts that were made with work emails. Is this possible using this method or does it having the same domain mean they will still be able to log in with that email