Thank you for asking this question in the Support Community. Blocking websites with ADTRAN units is typically performed by implementing URL Filtering.
Here are the general steps outlined in the Configuring Top Website Reporting and URL Filtering in AOS guide to implement URL filtering in AOS:
1. Enable the AOS firewall.
2. Create a URL filter.
3. Configure the URL filter.
4. Apply the URL filter to an interface.
5. Specify the URLs to permit or deny.
I hope that makes sense, but please do not hesitate to reply to this post with any additional information or questions. I will be happy to help in any way I can.
Thanks for the document. That document states " HTTP over secure socket layer (HTTPS) and File Transfer Protocol (FTP) URL filtering are not currently supported. That's why it doesn't work on https://www.facebook.com.
I tend to block sites by running an internal DNS server and creating a zone for each domain I wish to block. Create an A record in the zone file redirecting the domain to some non-responding address or set up a single page web server that displays an "Unauthorized Site" message.
You can also apply ACLs to your Private policy-class that you can put ahead of your NAT statement. The ACL may not work as well as the built-in URL filtering, but it does allow for hostnames as destinations. It does not allow wildcards, so you will have to put in all of the hostnames. Here is an example for blocking facebook, but you can put as many entries as you like in there. I hope this helps:
ip access-list extended social.media
remark Social media sites to block
permit ip any hostname www.facebook.com log
permit ip any hostname facebook.com log
ip policy-class Private
allow list self self
discard list social.media policy Public
nat source list wizard-ics interface eth 0/1 overload policy Public
Thanks Everyone. Wow I've learn a lot. I end up just creating a dns record pointing to nowhere for the website I don't want them to have access to.