- Kerio WinRoute Firewall Administrator's Guide
Chapter 23 Troubleshooting
370
2. In the Configuration → Traffic Policy section, create a rule which will permit this
service traffic between the local network and the bank’s server. Specify that no
protocol inspector will be applied.
Figure 23.7 This traffic rule allows accessing service without protocol inspection
Note: In the default configuration of the Traffic rules section, the Protocol inspector
column is hidden. To show it, modify settings through the Modify columns dialog
(see chapter 3.2).
Warning: To disable a protocol inspector, it is not sufficient to define a service that
would not use the inspector! Protocol inspectors are applied to all traffic performed by
corresponding protocols by default. To disable a protocol inspector, special traffic rules
must be defined.
23.5 User accounts and groups in traffic rules
In traffic rules, source/destination can be specified also by user accounts or/and user
groups. In traffic policy, each user account represents IP address of the host from which
user is connected. This means that the rule is applied to users authenticated at the
firewall only (when the user logs out, the rule is not effective any longer). This chapter is
focused on various issues relating to use of user accounts in traffic rules as well as hints
for their solution.
Note: For detailed information on traffic rules definition, refer to chapter 6.3.
How to enable certain users to access the Internet
How to enable access to the Internet for specific users only? Assuming that this problem
applies to a private local network and Internet connection is performed through NAT,
simply specify these users in the Source item in the NAT rule.
Figure 23.8 This traffic rule allows only selected users to connect to the Internet