Not allow user pass through NGAF device

Chan Chau Meng Lv1Posted 03 Jan 2019 16:54

How to ensure my LAN user must to go through NGAF device before access to LAN and External? i did create a policy to deny user (LAN) RDP to Server (LAN) but due to your technician explained that because user pass through the NGAF so the policy which is created is doesn't work for me. as Usual, the connection in our network like this: WAN -> NGAF -> Switchs -> PC&Server.  please correct me if i did wrong. thank you

Muhammad Talha has solved this question and earned 10 coins.

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

Hi  Friend,

Kindly drop an email to tech.support@sangfor.com for further assistance. They will troubleshoot the problem and will resolve issue. Thank you.
Is this answer helpful?
Muhammad Talha Lv3Posted 03 Jan 2019 23:54
  
Hi,

Your network topology is correct. I might unable to understand your concern. Policy will work if it is configured correctly when traffic passes through NGAF. Since if it is a local network, so packets will transfer via switch within the same network thus it will not deny LAN RDP to servers. You can create access control policy to stop LAN RDP to LAN servers.
Thanks
Chan Chau Meng Lv1Posted 04 Jan 2019 09:47
  
i want to send you an attachment file that show you the policy is created by me but click on insert image button is no respond at all. Let me explain to you, the policy is from source LAN 192.184.12.132 to Dest. LAN 192.184.12.6, RDP port, action is deny. then you see the remote connection still able to access.  
Muhammad Talha Lv3Posted 04 Jan 2019 17:11
  
Hi,

Please refer to images attached. Compare with your policy and then try. I hope it will work.
May I also know your device firmware version.

Thanks.

1.png (85.16 KB, Downloads: 1076)

1.png

2.png (112.17 KB, Downloads: 1085)

2.png
Chan Chau Meng Lv1Posted 07 Jan 2019 10:13
  
i followed as you said. but still not work. i also don't know what is the problem?
Muhammad Talha Lv3Posted 08 Jan 2019 02:51
  
Hi  Friend,

Kindly drop an email to tech.support@sangfor.com for further assistance. They will troubleshoot the problem and will resolve issue. Thank you.
Usman Posted 14 Jan 2019 14:46
  
your topology is correct but you need create a trunk between your core switch & NGFW
Chan Chau Meng Lv1Posted 14 Jan 2019 14:50
  
what is this mean "create a trunk"? this is so weird, only sangfor will facing this topology issue. i did used other product but everything is work fine. maybe i am not smart enough.

I Can Help:

Change

Moderator on This Board

11
7
5

Started Topics

Followers

Follow

1
3
5

Started Topics

Followers

Follow

0
4
5

Started Topics

Followers

Follow

67
20
3

Started Topics

Followers

Follow

3
14
3

Started Topics

Followers

Follow

1
137
3

Started Topics

Followers

Follow

Board Leaders