Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
jvillar
Participant

Allow file download and block file upload with wetransfer

I want to allow a few people download files from wetransfer  but not the upload of files. 
If I create a rule in the application layer and in services and applications I put wetransfer,
it allow to upload and download files. If instead of wetransfer I put wetransfer-download,
does not match the rule and goes to the next rule that block access to wetransfer.
If I put wetransfer and in content I put file download, it does not load the wetransfer page either.
Does anyone have any idea how to do it?
 
 
 

 

15 Replies
genisis__
Leader Leader
Leader

My initial thoughts are the use of content awareness, and Identity Awareness blades to define which accounts can utilise the rule and how specific content is then handled.

jvillar
Participant

I dont understand what you mean. I have created a group with a domain user to allow him access. 
If I put wetransfer in Services&Aplication it works perfectly, but in both directions and
I want is to only allow downloads. I have also done the test registering the equipment and
the operation is the same. As soon as I put some limitation like only allowing downloads
it doesn't work anymore because it doesn't match the rule.
Can you explain it a little more. Thank you very much
 
Chris_Atkinson
Employee Employee
Employee

What is the order of the rules that you have created and is HTTPS inspection used?

CCSM R77/R80/ELITE
genisis__
Leader Leader
Leader

Just looked at the pics, and I see what you mean, whats defined in wetransfer-download and what protocol is being used?

jvillar
Participant

I tried with https enabled and disabled and the result is the same. I go step by step so I do not 
limit the protocol or the content. First I have to get load the wetransfer page by
allowing only the download. I attached some images of how to configure with https inspection disable
and the result obtained. The rules are the first to avoid possible hidden problems.

 

Vladimir
Champion
Champion

Create two rules.

Top rule: Wetransfer AND Wetransfer-download Accept

Bottom rule: Wetransfer-Upload Block

With HTTPS enabled and nothing in the Content field.

Let me know if this works.

Cheers,

Vladimir

the_rock
Legend
Legend

I would involve TAC into this. I had similar case with customer while back and they had to escalate it, went to R&D and they somehow fixed it, but I dont remember how, sorry.

Pako
Participant

Hello.

did you get this to work? 

I am using R80.40, I am trying to allow the user the access to the web category "File Storage and Sharing" but block the category "file upload" to most of the users. With the testing rules  have made it work for some applications, but not for all:

One drive, Google drive and terabox -> I was able to access the site and download and upload files to the application
Mega.com, megafire and wetransfer -> I was able to access the site and I was not able to upload any files. I got an error on the application about network issues, but not the custom blocked message we have configured on Checkpoint

 

jvillar
Participant

I still didn't get it to work. When I have some time I will try again. Thank you for your input. I will communicate my progress

jvillar
Participant

I have a bigger problem. If I put Image 1.PNGthe rule in image 1, the firewall does not match it and cuts access  to wetransfer with a later rule.



To load the page I need to put the rule of image 2, and then the user can upload and download files

Image 2.PNG


 

Pako
Participant

Capture.PNG

 These are the rules that I am using on my tests. 

jvillar
Participant

The first rule prevents me from loading the google drive page and the second allows me to access, for example, wetransfer

jvillar
Participant

After several tests I have achieved that users can only download files from wetransfer, googledrive and onedrive. I have R81.10 and https inspection activated

jvillar
Participant

Reglas que funcionan.PNG

 

 

 

 

 

 

It has worked for me with the following rules
Pako
Participant

Thanks, now we are using the version 80.40. I will test these rules with the new release

 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events