How can we help?

How do I only filter one network and have all other networks bypass the filtering completely?

Follow

The two main methods of doing this are by using a group policy with no category blocking, or to design your network rules to bypass the filter for the desired network range or IPs.

Filtering a Specific Network.

If you want to filter only a portion of the network to be filtered and the rest of the network to bypass the filtering there are several options.

Using Groups to Manage Traffic

One Method, is to modify the default group and default policy to allow all categories. This allows all users in the default group to have all URLs allowed. Then create a new group and policy and add a client. Designate this client to be type "Network Subnet" with the "IP Address or Range" set to the IP range of the network to be filtered. Modify the policy to block the appropriate categories. In this scenario all traffic is passing through the policy server and being processed by the policy server.

Go to Policy Management > Group Manager and click the default group then click the default policy and the Modify Categories button. Uncheck all categories, using the custom template, or select the None template.

rtaImage_1.png

 

Configuring Hardware to Manage Traffic

If you do not want the traffic intercepted/detected/processed in any way, then the traffic should not be sent to the policy server. This may mean adding routes or configuring a switch, router or firewall depending upon your deployment. In this scenario only traffic that will be filtered is sent to the Policy Server and this will improve performance.

Configuring Networks to Filter with the Enterprise Filter

If you are using the Enterprise Filter you can change the enterprise rule to add a source network of the range that is to be filtered. For example, 

-t mangle -A PREROUTING -s 10.0.0.0/8 -i eth0 -j NSROUTER 

where the 10.0.0.0/8 is the IP range of the network you wish to filter. To edit the enterprise rule go to System Tools > System Configuration and click the Enterprise Filter Settings button.

rtaImage_22.png

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request