To control traffic for certain users, you can configure a user-aware access rule. First, create a user object that includes the users whose traffic you want to control. Because users are included by their login names or authentication groups, ensure that you have set up your external or local authentication method. After creating the user object, apply it to the access rule.
Step 1. Create a User Object
Before you begin:
Because users are included by their login names or authentication groups, verify that you have set up authentication. For more information, see:
To create the user object:
- Go to the FIREWALL > User Objects page.
- Click Create User Object.
- Enter a Name for the user object.
- To include a specific user, enter the username under the User tab. You can use an asterisk (*) and question mark (?) as wildcards.
- To include an existing user object, click the User Object tab.
- To include users by group, click the Group tab. You can use an asterisk (*) and question mark (?) as wildcards.
- Click Save.
Step 2. Apply the User Object to an Access Rule
To apply the user object to a access rule:
- Go to the FIREWALL > Firewall Rules page.
- Create or edit a access rule.
- In the rule editor window, click the ADVANCED tab.
- In the VALID FOR USERS section, add the user objects that include the users whose traffic should be handled by the rule.
- At the top of the rule editor window, click Save.
Step 3. Verify the Order of the Access Rules
Because rules are processed from top to bottom, ensure that you arrange your rules in the correct order. You must especially ensure that your rules are placed above the BLOCKALL rule; otherwise, the rules are blocked. For more information, see Firewall Rules Order.
After adjusting the order of the rules, click Save.