Management access from spacific interface or zone

Newbie932662 Lv1Posted 25 Mar 2023 22:13

sangfor firmware 8.0.47 I try to restricted access only on management interface,but I can access web interface from any interface and I bulid GRE Tunnel I can acccess web interface from the other side to Gre Tunnel, is there any way to prevent access to web interface from all zone expect one zone ?
Faisal Piliang Posted 26 Mar 2023 00:03
Please follow the steps:
1. Access your Sangfor WEB UI
2. Go to Policies -> Application Control -> Add -> Select zone for Source and Destination
3. Select Application and check downloads FTP and Downloading tools.
4. Check Action " Deny" and Save.
SassyScorpio Lv2Posted 28 Mar 2023 01:55
Yes, you can configure access control policies on your Sangfor firewall to restrict access to the web interface from all zones except for the specific zone that should have access.

Here are the steps you can follow:

1- Log in to the Sangfor firewall's web interface and navigate to the "Access Control" or "Security Policy" section.

2- Create a new access control policy and set the source zone to "Any" or "All Zones" and the destination zone to the specific zone that should have access.

3- Set the service to "HTTP" or "HTTPS" depending on which protocol the web interface uses.

4- Set the action to "Allow" or "Permit".

5- Save the policy and apply it.

By creating this policy, you are allowing access to the web interface only from the specified zone and denying access from all other zones. This should help to prevent unauthorized access to the web interface from any interface other than the allowed zone.

If you also want to prevent access to the web interface from the GRE tunnel, you can create a separate policy to deny access from the GRE tunnel's source IP address or range.
Newbie932662 Lv1Posted 28 Mar 2023 15:44
I applied but it doesn't work I still can access from any zone and from GRE
rivsy Lv5Posted 29 Mar 2023 14:35
Set the destination zone then try in the policies