cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Anonymous
Not applicable

Blocking website on Netvanta 3430 with EFP

Jump to solution

Hi,  I'm trying to block a few website on the Netvanta 3430.  facebook.com, twitter.com.

It works fine if you go to www.facebook,.com, www.twitter.com, http://facebook.com, however, it can be by pass if you go to https://www.facebook.com, or https://www.twitter.com.

Does any one know how we can block this too as well?

0 Kudos
1 Solution

Accepted Solutions
bossgeek
New Contributor

Re: Blocking website on Netvanta 3430 with EFP

Jump to solution

I tend to block sites by running an internal DNS server and creating a zone for each domain I wish to block.  Create an A record in the zone file redirecting the domain to some non-responding address or set up a single page web server that displays an "Unauthorized Site" message.

View solution in original post

0 Kudos
5 Replies
Anonymous
Not applicable

Re: Blocking website on Netvanta 3430 with EFP

Jump to solution

:

Thank you for asking this question in the Support Community.  Blocking websites with ADTRAN units is typically performed by implementing URL Filtering.

Here are the general steps outlined in the guide to implement URL filtering in AOS:

1. Enable the AOS firewall.

2. Create a URL filter.

3. Configure the URL filter.

4. Apply the URL filter to an interface.

5. Specify the URLs to permit or deny.

I hope that makes sense, but please do not hesitate to reply to this post with any additional information or questions.  I will be happy to help in any way I can.

Levi

Anonymous
Not applicable

Re: Blocking website on Netvanta 3430 with EFP

Jump to solution

Hi Levi,

Thanks for the document.  That document states " HTTP over secure socket layer (HTTPS) and File Transfer Protocol (FTP) URL filtering are not currently supported.  That's why it doesn't work on https://www.facebook.com.

Thank you.

 

 

bossgeek
New Contributor

Re: Blocking website on Netvanta 3430 with EFP

Jump to solution

I tend to block sites by running an internal DNS server and creating a zone for each domain I wish to block.  Create an A record in the zone file redirecting the domain to some non-responding address or set up a single page web server that displays an "Unauthorized Site" message.

0 Kudos
Anonymous
Not applicable

Re: Blocking website on Netvanta 3430 with EFP

Jump to solution

You can also apply ACLs to your Private policy-class that you can put ahead of your NAT statement.  The ACL may not work as well as the built-in URL filtering, but it does allow for hostnames as destinations.  It does not allow wildcards, so you will have to put in all of the hostnames.  Here is an example for blocking facebook, but you can put as many entries as you like in there.  I hope this helps:

ip access-list extended social.media

remark Social media sites to block

permit ip any hostname www.facebook.com log

permit ip any hostname facebook.com log

ip policy-class Private

allow list self self

discard list social.media policy Public

nat source list wizard-ics interface eth 0/1 overload policy Public

Anonymous
Not applicable

Re: Blocking website on Netvanta 3430 with EFP

Jump to solution

Thanks Everyone.  Wow I've learn a lot.  I end up just creating a dns record pointing to nowhere for the website I don't want them to have access to.