Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Allow POP, SMTP, Anydesk (6568)... traffic without user login

Se_Srikanth001Se_Srikanth001 Newbie ✭
edited December 2022 in Entry Level Firewalls

I want to implement a group of users who can browse the internet (say internet_group)

Only those who has internet_group credentials can authenticate and browse the internet.

Rest of the people need not do user authentication and still able access pop and smtp services (using outlook), get/give support through anydesk, teamviewer etc.

How do I implement this ? any guide/cookbook ?

Btw, I am using TZ270

Category: Entry Level Firewalls
Reply

Answers

  • MitatOngeMitatOnge All-Knowing Sage ✭✭✭✭

    you should step by step below rules

    1) create 2 address groups for WEBPERMIT and POP-SMTP-PERMIT groups

    2) enable DPI-SSL service and load certificate to all user pc's

    2) Create POP-SMTP-PERMIT-CFS rule for POP-SMTP-PERMIT user group and block everything.

    3) create WEBPERMIT-CFS rule and assign to WEBPERMIT and put top of the POP-SMTP-PERMIT-CFS rule.

    4) create application rule for Remote access software group for only POP-SMTP-PERMIT user group.

    5) create access rule for smtp-pop-http-https services for POP-SMTP-PERMIT user group and assign POP-SMTP-PERMIT user group.

    6) disable any to any rule and create http, https service rule for other users and assign to everyone put bottom of the POP-SMTP-PERMIT access rule.


    in my opinion this scenario will work. if it isn't work you should create Firewall App Rule for HTTP/S and Remote Access applications and assign to groups.

  • Thank you mitatonge, I will try and update.

Sign In or Register to comment.