Step 5: Click Add, then create the following two rules as depicted below. The order is important. The new first rule allows any DNS queries out. The new second rule forces all users (Everyone) to be challenged before accessing the Internet for HTTP only.
NOTE: This configuration will allow any traffic out other than HTTP, even without first authenticating. If you want to block ALL traffic before authenticating for HTTP, then disable the default ‘Any, Any, Any, Allow’ rule as depicted in rule 3 below. The downside to this is that users need to know that they have to authenticate via HTTP before ANY Internet traffic will pass.
NOTE: It is also important to not test these rules when logged in as administrator to the SonicWALL.
15