Hot!How to configure a network to block all website but just allow google apps mail?

Author
kenjiak
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/01/03 00:14:37
  • Status: offline
2018/01/03 00:20:32 (permalink)
0

How to configure a network to block all website but just allow google apps mail?

How to configure a network to block all website but just allow google apps mail loads via https://mail.google.com/a/[domain] and gmail loads via https://mail.google.com/mail on my environment is using FortiOS v5.2.10 ?
 
My device is using Fortigate 60D
 
#1

1 Reply Related Threads

    sw2090
    Silver Member
    • Total Posts : 70
    • Scores: 6
    • Reward points: 0
    • Joined: 2017/06/14 01:27:25
    • Status: offline
    Re: How to configure a network to block all website but just allow google apps mail? 2018/01/11 05:08:11 (permalink)
    0
    Create a webfilter security profile (or use the defaut one that already exists if you want) and enable the static url filter in it. Then make three rules:
     
    1. Allow https://mail.google.com/a/* by Exempt
    2. Allow https://mail.google.com/mail by Exempt
    3. Block everything else (i,e, block *)
     
    Then keep the rules in this order (you may exchange 1. and 2. but the block everything rule must be the last one).
    Also you have to use "exempt" and not "allow" because you want the filter to stop once one rule allowed access to the site. Without "exempt" it would block everything even though there is 1. and 2. because it won't stop.
     
    Once you are done with that save your profile and apply it as webfilter profile to your wan policy(s) for that network.
     
    then you are done :)
     
    hth
    Sebastian
    #2
    Jump to:
    © 2018 APG vNext Commercial Version 5.5