Screen OS

  • 1.  How to configure SSG5 to block internet only for a few users?

    Posted 04-27-2015 00:15

    Hi all,

    I'm pretty new to this firewall stuff, so please bear with me.


    I've been messing around with the SSG5 and managed to block or allow websites for all networks, but I couldn't work it out for specific users. I tried googling for results, but nothing worked.

    I block websites by adding them in Policy - Policy Elements - Addresses - List, then just creating a new Policy for that list. I've read that it can be done under Web Filtering too, but I didn't manage to get that to work.

    Anyway, my current config blocks the websites for everyone in the network; how do I go about blocking them just for specific users?

    My SSG5 info:
    Hardware Version: 710(0)
    Firmware Version: 6.2.0r5.0
    I doubt my unit comes with additional licenses like WebSense.


    Appreciate any feedback. Thank you all!




  • 2.  RE: How to configure SSG5 to block internet only for a few users?
    Best Answer

    Posted 04-27-2015 10:09

    You can create a policy for specific users and place that above the more general policy. ScreenOS does a top-down policy search and will use the first policy that matches source, destination and service. For example, if you wanted to block 10.1.1.5 from accessing 20.1.1.1, but everyone else would be allowed, you could do the following.

    set address trust 10.1.1.5 10.1.1.5/32
    set address untrust 20.1.1.1 20.1.1.1/32

    set policy from trust to untrust 10.1.1.5 20.1.1.1 any deny
    set policy from trust to untrust any any any permit


    URL filtering requires a subscription (paid) or your own Websense server.



  • 3.  RE: How to configure SSG5 to block internet only for a few users?

    Posted 04-27-2015 19:44

    Hey rseibert,

    Thanks for your reply. It is working now. At first I was getting very mixed results. Then I found out I had put my ISP's DNS in the Network > DNS portion and had set Google's DNS on my own PC. I changed that and all's good now. Only YouTube had problems, but I understand they have multiple IPs. Could that be the problem?


    Thank you.
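The accepted answer relies on two ScreenOS behaviours: policies are searched top-down with first match winning, and an address object such as 20.1.1.1/32 covers exactly one IP. The following Python simulator, added here as an illustration and not code from the thread or from Juniper, models that lookup over the two policies from the answer. It shows why the per-host deny must sit above the general permit (the reversed order leaves the deny shadowed and never hit), and why a site that resolves to several addresses, as the follow-up post suspects for YouTube, slips past a /32 object. Zone names, the 10.1.1.x/20.1.1.x addresses and the "HTTP" service name are taken from or modelled on the thread; the sample list of resolved IPs is constructed, and the assumption that unmatched inter-zone traffic is dropped is the simulator's own default.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# "any" in a ScreenOS policy is modelled here as the whole IPv4 space.
ANY_NET = ipaddress.ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Policy:
    src_zone: str
    dst_zone: str
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    service: str   # "any" or a named service such as "HTTP"
    action: str    # "permit" or "deny"


def _net(spec: str) -> ipaddress.IPv4Network:
    return ANY_NET if spec == "any" else ipaddress.ip_network(spec, strict=False)


def policy(src_zone, dst_zone, src, dst, service, action) -> Policy:
    """Mirror of 'set policy from <src_zone> to <dst_zone> <src> <dst> <service> <action>'."""
    return Policy(src_zone, dst_zone, _net(src), _net(dst), service, action)


def lookup(policies: List[Policy], src_zone, dst_zone, src_ip, dst_ip,
           service) -> Tuple[str, Optional[int]]:
    """Top-down search: the first policy whose zones, source, destination and
    service all match decides the flow. Returns (action, position).
    Traffic that matches nothing is denied (assumed default for inter-zone traffic)."""
    s, d = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for i, p in enumerate(policies):
        if (p.src_zone, p.dst_zone) != (src_zone, dst_zone):
            continue
        if s in p.src and d in p.dst and p.service in ("any", service):
            return p.action, i
    return "deny", None


def shadowed(policies: List[Policy]) -> List[int]:
    """Positions of policies that can never match because an earlier policy
    with the same zones already covers every source, destination and service
    they would match. A deny placed below a broad permit ends up here."""
    out = []
    for i, later in enumerate(policies):
        for earlier in policies[:i]:
            same_zones = (earlier.src_zone, earlier.dst_zone) == (later.src_zone, later.dst_zone)
            covers_addrs = later.src.subnet_of(earlier.src) and later.dst.subnet_of(earlier.dst)
            covers_svc = earlier.service in ("any", later.service)
            if same_zones and covers_addrs and covers_svc:
                out.append(i)
                break
    return out


def uncovered(dst: ipaddress.IPv4Network, resolved_ips: List[str]) -> List[str]:
    """Addresses a site resolves to that fall outside the policy's destination
    object. A /32 object blocks one address, so a multi-IP site leaks through."""
    return [ip for ip in resolved_ips if ipaddress.ip_address(ip) not in dst]


# The two policies from the accepted answer, in the order they were given:
# the per-host deny first, then the general permit.
ORDERED = [
    policy("trust", "untrust", "10.1.1.5/32", "20.1.1.1/32", "any", "deny"),
    policy("trust", "untrust", "any", "any", "any", "permit"),
]
# Same policies with the permit above the deny, e.g. when the permit already
# existed and the new deny was appended at the bottom of the policy list.
REVERSED = list(reversed(ORDERED))

# Constructed sample: two addresses the blocked site might resolve to.
SITE_IPS = ["20.1.1.1", "20.1.1.2"]

if __name__ == "__main__":
    print(lookup(ORDERED, "trust", "untrust", "10.1.1.5", "20.1.1.1", "HTTP"))   # ('deny', 0)
    print(lookup(ORDERED, "trust", "untrust", "10.1.1.7", "20.1.1.1", "HTTP"))   # ('permit', 1)
    print(lookup(REVERSED, "trust", "untrust", "10.1.1.5", "20.1.1.1", "HTTP"))  # ('permit', 0)
    print(shadowed(REVERSED))                                                     # [1]
    print(uncovered(ORDERED[0].dst, SITE_IPS))                                    # ['20.1.1.2']
```

Running the block prints the deny hit for the blocked host, the permit for any other host, the shadowing that occurs when the order is reversed, and the second resolved address that a single /32 object does not cover. On the real device the first two checks correspond to watching which policy ID the flow matches, the third to verifying the deny sits above the permit, and the fourth to the follow-up post's observation that a site with multiple IPs needs each address (or a covering subnet) in the destination object.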