Using Match Objects with App Controlo -. TZ500
Hello All
I've recently managed to integrate one of our TZ500's (v6.5) with Active Directory and using SSO.
Before used to use app/access rules per IP/groups, now I have to do this using Active Directory Groups, problem is stacking groups (departments) for the rules does not work, only a group with only users.
So it seems the only way to filter on more than one group is to use Match Objects. I cannot even get this to work.
I am guessing you cannot use both (App Control and App Rules) at the same time, very confusing.
I cannot find a video tutorial, just wondered if anybody has this working.
Thank you!
Best Answer
-
Saravanan Moderator
Hi @ANDRE3000,
Thanks for sharing your requirement.
Nested Groups import is supported on the SonicWall but unfortunately the same cannot be used directly on any of the firewall policies. This is an expected behavior.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
1
Answers
Hi @ANDRE3000,
Thank you for visiting SonicWall Community.
Are you trying to utilize App Control and App Rules based on Active Directory imported Nested User Group (User Group(s) inside User Group)? Could you please explain your requirement in detail?
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Hi Saravanan
Thanks for the quick reply
I was trying to avoid using match Object so I basically created a group on AD then added two groups to it, then imported the group to Soniocwall. I just thought it would be easier, but I does not work so I will have to get it working with match object/app rules instead. Previous testing I think I had overlapping rules with App rules which confused things . Shame nested groups works with Address Objects but not with User Groups!
I will do some more testing.