0 Replies Latest reply on Sep 23, 2016 8:25 AM by shutech

    Need to start blocking sites like Pandora at our Netvanta 4305

    shutech New Member

      Current Firmware: NV4305-R11-10-3.E.biz

       

      So we have a Netvanta 4305 with a t-1 Octo Card.

       

      Setup.

       

      WAN side

      Verizon 4x1 Bonded T1

       

      It is setup with the the physical interface T1 3/1, 3/2 3/3 and 3/4 active.

       

      The Logical interface for these is PPP 1

       

      The PPP 1 interface  is set with the main  IP address from from Verizon. which is a /30 address.



      LAN side

      ETH 0/1 is active and ETH 0/2 is inactive.

       

       

      ETH 0/1 is setup as interface Mode: IP routing.

       

      The IP address is the first in our /27 block of static IP addresses from Verizon. xxx.xxx.xxx.1 with Subnet mask 255.255.255.224

       

       

      So this interface goes out to our Private WAN where each location has a router with a static IP address from xxx.xxx.xxx.2 to 29 Subnet 255.255.255.225 and Gateway xxx.xxx.xxx.1 the ETH 0/1 address.

       

      So we have limited bandwidth and I want to set up at our Netvanta blocks for various sites like Pandora.

       

       

      I enabled Firewall set firewall mode to all traffic. left everything else as default.

       

      Created the following ACL

       

      Name Pandora

       

      filter type: Deny

       

      Source Data: IP address

       

      IP: 208.85.40.0

      Mask: 255.255.248

       

      Pandora is suppose to occupy 208.85.40.0/21

       

      I applied and then reboot and saved but no go. Pandora is still accessible from the individual sites.

       

       

      This is my only site where I have a router that is feeding public static routes to other routers so I am not sure what I need to do here to block sites.

       

      Any help?

       

      Thank You