Firewall Access Rules Required to Restrict Internet Connectivity with User Level Authentication on SonicOS Enhanced

Description

Firewall Access Rules Required to Restrict Internet Connectivity with User Level Authentication on SonicOS Enhanced

Resolution

When user level authentication is enabled on SonicOS Enhanced (any version), LAN users are automatically redirected to the SonicWall login page on attempting to access the Internet only after two special "LAN to WAN" access rules have been added manually and the default "LAN to WAN" outbound rule has been modified manually. Select Firewall > Access Rules, choose LAN to WAN from the table, and create the following rules in the priority order shown:

  1. Allow DNS for all users.
    • Action: Allow
    • Service: DNS
    • Source: Any
    • Destination: Any
    • Users: All
  2. Allow HTTP access for a defined group of authenticated users. The predefined "Trusted Users" group is used as an example.
    • Action: Allow
    • Service: HTTP
    • Source: Any
    • Destination: Any
    • Users: Trusted Users
  3. Change the Users field in the preexisting default LAN to WAN outbound rule from "All" to "Trusted Users" and make sure its priority is 3.
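
The following check is an added example, not SonicWall code: it audits a LAN to WAN rule table against the three steps above and reports where the table deviates, for instance when the default rule is still set to "All". The dictionary layout, the function names and the "Any" service on the default rule are assumptions made for illustration; this is not a SonicOS export format.

```python
# Added example: rule dicts are a constructed representation, NOT a SonicOS
# export format. Keys mirror the rule fields listed in the article.

def _is_rule(rule, service, users):
    """True if rule is Allow / service / Any -> Any / users."""
    return (rule["action"] == "Allow" and rule["service"] == service
            and rule["source"] == "Any" and rule["destination"] == "Any"
            and rule["users"] == users)

def audit_lan_to_wan(rules, auth_group="Trusted Users"):
    """Return findings; an empty list means the table matches the article."""
    ordered = sorted(rules, key=lambda r: r["priority"])
    if len(ordered) < 3:
        return [f"expected at least 3 rules, found {len(ordered)}"]
    findings = []
    if not _is_rule(ordered[0], "DNS", "All"):
        findings.append("priority 1 is not Allow DNS for Users: All")
    if not _is_rule(ordered[1], "HTTP", auth_group):
        findings.append(f"priority 2 is not Allow HTTP for Users: {auth_group}")
    # Step 3: the default outbound rule must no longer be open to "All".
    if ordered[2]["action"] != "Allow" or ordered[2]["users"] != auth_group:
        findings.append(f"priority 3 is not Allow for Users: {auth_group}")
    # Further Allow rules left at Users: All fall outside the three rules
    # the article describes, so report them for review.
    for r in ordered[3:]:
        if r["action"] == "Allow" and r["users"] == "All":
            findings.append(f"priority {r['priority']}: Allow {r['service']} "
                            "is open to Users: All")
    return findings

def _rule(priority, service, users):
    """Build a constructed Allow rule with Source and Destination set to Any."""
    return {"priority": priority, "action": "Allow", "service": service,
            "source": "Any", "destination": "Any", "users": users}

# Constructed sample tables. Service "Any" on the default rule is an assumption.
CONFIGURED = [_rule(1, "DNS", "All"), _rule(2, "HTTP", "Trusted Users"),
              _rule(3, "Any", "Trusted Users")]
DEFAULT_LEFT_OPEN = [_rule(1, "DNS", "All"), _rule(2, "HTTP", "Trusted Users"),
                     _rule(3, "Any", "All")]

if __name__ == "__main__":
    for name, table in (("configured", CONFIGURED),
                        ("default left open", DEFAULT_LEFT_OPEN)):
        print(name, "->", audit_lan_to_wan(table) or "OK")
```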

 
