5 Replies Latest reply on Sep 6, 2013 9:25 AM by levi

    url filtering help needed

    kevinme New Member

      i have a few hundred people on the wisp network. i would like to block say  20 websites in url filtering. is there a way to allow a few users to use those blocked sites

      ive tried everything i can think of but cant make it work

      i can block the url just. i just want a few people to still get to those sites....we use static ip addresses on the network devices

       

      thanks

      kevin

        • Re: url filtering help needed
          New Member

          I have tried this same thing with the NV4430 as well. I was told you it is a all or nothing filter, not a per user or group. I ended up using some DNS filtering from another source to accomplish my needs.

            • Re: url filtering help needed
              kevinme New Member

              thats kinda what i figured but was hoping it want true.

               

              thanks

               

              what dns solution you use? opendns?

                • Re: url filtering help needed
                  New Member

                  Either that or Norton. OpenDns has changed their price structure as of late though. Norton Dns by itself will not block specific websites but I have found the categories accurate. Its nice because you do not have to run any of their software to use these.

                   

                   

                  The following three pre-defined content filtering policies are available for home and personal use:Policy 1: Security (198.153.192.40 and 198.153.194.40) This policy blocks all sites hosting malware, phishing sites, and scam sites.


                  To use Policy 1, you should configure the DNS settings of your home router or Web-enabled device to use the following Norton ConnectSafe IP addresses: 198.153.192.40 and 198.153.194.40.


                  Policy 2: Security + *********** (198.153.192.50 and 198.153.194.50) In addition to blocking unsafe sites, this policy also blocks access to sites that contain sexually explicit material. To use Policy 2, you should configure the DNS settings of your home router or Web-enabled device to use the following Norton ConnectSafe IP addresses: 198.153.192.50 and 198.153.194.50.Policy 3: Security + *********** + Non-Family Friendly (198.153.192.60 and 198.153.194.60) This policy is ideal for families with young children. In addition to blocking unsafe sites and *********** sites, this policy also blocks access to sites that feature mature content, abortion, alcohol, crime, cults, drugs, gambling, hate, sexual orientation, suicide, tobacco or violence.


                  To use Policy 3, you should configure the DNS settings of your home router or Web-enabled device to use the following Norton ConnectSafe IP addresses: 198.153.192.60 and 198.153.194.60.

              • Re: url filtering help needed
                levi Employee

                kevinme:

                 

                Thank you for asking this question in the support community.  It may be cumbersome to make a configuration that fits your needs in the command line interface (CLI), but I believe this can be achieved by adding an additional NAT statement matching the specific IP address(es) and putting it above the "match-all NAT."  Also, the keyword no-alg will need to be added to that statement.  Here is an example:

                 

                ip access-list extended PRESIDENT

                  permit ip host <president's IP> any

                !

                ip access-list extended MATCH-ALL

                permit ip any any

                !

                ip policy-class PRIVATE

                  nat source list PRESIDENT interface eth 0/1 overload no-alg

                  nat source list MATCH-ALL interface eth 0/1 overload

                 

                I hope that makes sense, but please, do not hesitate to reply with any questions.  I will be happy to help in any way I can.

                 

                Levi

                • Re: url filtering help needed
                  levi Employee

                  kevinme:

                   

                  I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it and select another in its place with the applicable buttons.  If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.

                  Thanks,

                   

                  Levi