Howto create a second rack and policy

gotkimchi · 07-21-2010, 02:00 PM

Scenario: You want to create different rule sets for different users. (AD users or via IP addresses)
Example: Owner of the company can go to facebook.com and rest of the users are blocked from facebook.com

Solution: To create different policies, you will need to use our policy manager. If you want to create different policies and also use Active Directory info instead of IP addresses, you will also need the Directory Connector.

Steps on creating the rack and policies.
1) First you will need to create a new rack. To create a new rack, you will need to go into the policy manager. Within the policy manager, there are two parts. The top portion is the "racks" and the bottom portion is the "policies".

To create a new rack, just click the add button on the top portion.

In this screenshot, I am creating a new rack called "Student Rack".

2) Creating a policy.
After creating the new rack, you will need to create the policy on the bottom. Click the add button on the bottom, and create a new policy. For most of you, only change the client address (if you are using the IP addresses) and the rack drop down on the bottom. Please check out this screen shot.

If you are creating a policy via the Directory Connector, you will need to change the Users and the rack. Please check out this screenshot.

*If you want to create the policy based on time and day, you can adjust that accordingly*

Mathiau · 09-08-2010, 02:03 PM

Great guide, but how do i allow access to only facebook and not say myspace?

i would need to get every IP of facebook to allow it in specifically to place under the Server field correct?

dmorris · 09-08-2010, 02:05 PM

Quote:

Originally Posted by Mathiau

Great guide, but how do i allow access to only facebook and not say myspace?

i would need to get every IP of facebook to allow it in specifically to place under the Server field correct?

In web filter or esoft web filter, add "myspace.com" to the blocklist and hit apply.

this has nothing to do with policy manager though.

jcoffin · 09-08-2010, 02:58 PM

or add facebook.com and fbcdn.net to the pass list in web/esoft filter

savasya · 11-29-2010, 10:47 AM

@gotkimchi
i did like you told above. when i do with ips it s working. but when i do with AD it is not working.
as you can see, doing with ips is not good way because ips can change.
how can i configure my rules or the other stuffs?
i ve been trying to solve this problem for more than 1 week, but i couldnt do anything to solve it. pls help me
dont give me any link in Wiki i tried the sample in there. could you tell me step by step?

07-21-2010, 02:00 PM	#1 (permalink)
gotkimchi Administrator Join Date: Jan 2007 Location: Bay Area Posts: 2,076	Howto create a second rack and policy Scenario: You want to create different rule sets for different users. (AD users or via IP addresses) Example: Owner of the company can go to facebook.com and rest of the users are blocked from facebook.com Solution: To create different policies, you will need to use our policy manager. If you want to create different policies and also use Active Directory info instead of IP addresses, you will also need the Directory Connector. Steps on creating the rack and policies. 1) First you will need to create a new rack. To create a new rack, you will need to go into the policy manager. Within the policy manager, there are two parts. The top portion is the "racks" and the bottom portion is the "policies". To create a new rack, just click the add button on the top portion. In this screenshot, I am creating a new rack called "Student Rack". 2) Creating a policy. After creating the new rack, you will need to create the policy on the bottom. Click the add button on the bottom, and create a new policy. For most of you, only change the client address (if you are using the IP addresses) and the rack drop down on the bottom. Please check out this screen shot. If you are creating a policy via the Directory Connector, you will need to change the Users and the rack. Please check out this screenshot. If you want to create the policy based on time and day, you can adjust that accordingly __________________ to be understood, you must first understand. Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself. If you need Untangle support please call or email support@untangle.com

09-08-2010, 02:03 PM	#2 (permalink)
Mathiau Join Date: Feb 2008 Location: Costa Frickn' Rica Posts: 1,467	Great guide, but how do i allow access to only facebook and not say myspace? i would need to get every IP of facebook to allow it in specifically to place under the Server field correct? __________________ Def1:Started:UT 7.1 x64 -- Current :UT 9.1 x64\| Gigabyte GM-G31 mATX \| Intel Q8200 \| 8G DDR2 800 \| 80G WD \| 4x Intel Pro 1000 GT NIC's \| Corsair 550W PSU \| Norco RPC-250 2U Case \| 50mb/50mb \| 10 users

Protect

Filter

Perform

Connect

Manage

Add-Ons

09-08-2010, 02:58 PM	#4 (permalink)
jcoffin Untangler Join Date: Aug 2008 Location: Sunnyvale, CA URLs submitted: 1 Posts: 1,784	or add facebook.com and fbcdn.net to the pass list in web/esoft filter

11-29-2010, 10:47 AM	#5 (permalink)
savasya Untangler Join Date: Oct 2010 Posts: 73	@gotkimchi i did like you told above. when i do with ips it s working. but when i do with AD it is not working. as you can see, doing with ips is not good way because ips can change. how can i configure my rules or the other stuffs? i ve been trying to solve this problem for more than 1 week, but i couldnt do anything to solve it. pls help me dont give me any link in Wiki i tried the sample in there. could you tell me step by step?