Restricting web access to intranet sites only?

mkh · June 9, 2008, 5:47pm

Hello, everyone. I’m new to Comodo and have been looking through these boards, but still have a question. Please bear with me…

Is there a way to set up Comodo’s Firewall to not allow internet access outside of a given domain - namely, my corporation’s website? I see how I could disable access to individual sites, but I want to only allow that kind of access.

Any help is greatly appreciated. If this information is already out there, please let me know and I’ll go try to find it again.

Thanks!

system · June 9, 2008, 6:06pm

Internet Explorer gives you these options. Right click on IE and select Properties.

Japo · June 9, 2008, 6:11pm

At the firewall level I think it’s easy, unless I’m missing something–which is even easier. Define a global rule that allows trafic to that domain, and then another rule below blocking everything (else). You can specify the IP numerically or the domain name. I don’t have CFP installed in this machine now but if you need details as to how to do it exactly, someone else will come in shortly.

panic · June 10, 2008, 9:29am

G’day,

The easiest way to do this is to setup a BLOCK rule for Internet Explorer (or whatever other browser you r PCs use) but make sure you select to EXCLUDE the IP address of your intranet server.

This will allow traffic only to and from the intranet server.

You should also set a passwsord on the firewalls config to prevent anyone reversing or modifying that rule.

Cheers,
Ewen

mkh · June 12, 2008, 12:30am

Thanks to everyone for your very helpful advice!

This sounds like it should give me what I need. Is this something I could do in the Network Security Policy screen?

(Bear in mind that I’m a total newbie here and still finding my way around Comodo Firewall. ;D)

Thnaks again!

panic · June 12, 2008, 1:28am

Is this something I could do in the Network Security Policy screen?

Yep. In NETWORK SECURITY POLICY → APPLICATION RULES for iexplore.exe

Ewen

mkh · June 16, 2008, 5:25pm

Got it - I’ve set it up and it looks like it’s working.

Thanks again!

mkh · June 17, 2008, 1:53pm

So…of course, work’s sliding scale changes everything.

Now, I’m supposed to allow access to a few internal servers - five or six of them.

I’ve tried to set up individual rules for each IP address in Network Security Policy, but it doesn’t seem to be working. They’re different IPs, so the IP range option won’t work. Is there something I’m missing?

Sorry to be such a pain…