Important Notice: We're experiencing email notification issues. If you've posted a question in the community forums recently, please check your profile manually for responses while we're working to fix this.

On Monday the 3rd of March, around 5pm UTC (9am PT) users may experience a brief period of downtime while one of our underlying services is under maintenance.

Avatar for Username

Шукати в статтях підтримки

Остерігайтеся нападів зловмисників. Mozilla ніколи не просить вас зателефонувати, надіслати номер телефону у повідомленні або поділитися з кимось особистими даними. Будь ласка, повідомте про підозрілі дії за допомогою меню “Повідомити про зловживання”

Докладніше

Adding an internal range to firefox intune policy management for access control

  • 3 відповіді
  • 0 мають цю проблему
  • 29 переглядів
  • Остання відповідь від matthew89

matthew89
matthew89
more options

Hi All, I want to block traffic on firefox externally for managed devices via Intune, following the import of the ADMX/ADML files into intune.

Having read https://support.mozilla.org/en-US/kb/managing-firefox-intune I have set '\Mozilla\Firefox\Exceptions to blocked websites' to the following; //*.mydomain.com/*

Which works, however, I also want to add hosts that are only resolving on IPs and not DNS. I can add specific IPs if known, but is there a way I can allow IP ranges? Ie

//10.10.*/* (this doesn't currently work) Of the included screenshot, only the wildcard for mydomain.com and the specific IP currently work

I've looked over the link that is recommened in the policy (indirectly) and can't see an option for allowing an IP range. https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Match_patterns

If there is a better way to do this via intune for firefox only, please let me know.

Thanks

Hi All, I want to block traffic on firefox externally for managed devices via Intune, following the import of the ADMX/ADML files into intune. Having read https://support.mozilla.org/en-US/kb/managing-firefox-intune I have set '\Mozilla\Firefox\Exceptions to blocked websites' to the following; //*.mydomain.com/* Which works, however, I also want to add hosts that are only resolving on IPs and not DNS. I can add specific IPs if known, but is there a way I can allow IP ranges? Ie //10.10.*/* (this doesn't currently work) Of the included screenshot, only the wildcard for mydomain.com and the specific IP currently work I've looked over the link that is recommened in the policy (indirectly) and can't see an option for allowing an IP range. https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Match_patterns If there is a better way to do this via intune for firefox only, please let me know. Thanks
Прикріплені знімки екрана

Обране рішення

We've kind of got this to work, and it appears to be (with the other setttings) blocking access to sites not defined by DNS or IP range

Proxy Passthrough \Mozilla\Firefox\Proxy Settings 10.0.0.0/8, http:/domain.com/* , <local>


HTTP Proxy \Mozilla\Firefox\Proxy Settings > enabled 127.0.0.1:80

HTTPS Proxy \Mozilla\Firefox\Proxy Settings > enabled 127.0.0.1:443

Читати цю відповідь у контексті 👍 0

Усі відповіді (3)

Mike Kaply
Mike Kaply
  • Moderator
more options

Are those sites navigated to by IP address or by name?

Корисно?

matthew89
matthew89 Власник питання
more options

Mike Kaply said
Are those sites navigated to by IP address or by name?

We have some internal sites that have resolvable DNS, so can be reached on the internal domain, this section of the 'exceptions to blocked sites' does work. Adding the full internal IP to the 'exceptions to blocked sites' also works, but unfortunately its not too manageable to add all individual IPs to the list, which is why I would like to add an internal range ie 10.0.0.0 /16 or similar. As you may see from the screenshot, I've tried a few variations, but these are not working

Thanks

Корисно?

matthew89
matthew89 Власник питання
more options

Вибране рішення

We've kind of got this to work, and it appears to be (with the other setttings) blocking access to sites not defined by DNS or IP range

Proxy Passthrough \Mozilla\Firefox\Proxy Settings 10.0.0.0/8, http:/domain.com/* , <local>


HTTP Proxy \Mozilla\Firefox\Proxy Settings > enabled 127.0.0.1:80

HTTPS Proxy \Mozilla\Firefox\Proxy Settings > enabled 127.0.0.1:443

Змінено matthew89

Корисно?

Запитати

Щоб відповідати на повідомлення, ви повинні ввійти у свій обліковий запис. Поставте нове питання, якщо ви ще не маєте облікового запису.