• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4701
  • Last Modified:

Block Specific URL in Juniper Netscreen 5GT

I have successfully configured the Web filter in my Jetscreen 5GT but can only get it to work with the reconfigured categories.  How do I block a specific URL?
0
MERCOMMS
Asked:
MERCOMMS
  • 2
1 Solution
 
ccreamer_22Commented:
I have had the same problem. The Netscreens are really bad at blocking sites by URL or Domain Name. Basically, you need to get the ip address of the website by pinging it. Then go into the WebUI and go to Objects > Addresses > List. Create a new untrust site with that ip address with a /32 bitmask. Then go to policiesand create a policy from trust to untrust. Make the trust side your internal network, the untrust side that ip address you created in the address list. Set the policy to deny and put a check in place this policy at the top. Press ok and test.
0
 
MERCOMMSAuthor Commented:
Test site: Monster.com
ping of Monster.com results in 63.121.29.1

Objects --> Addresses --> List
I added one with
Address name: Monster
IP Address 63.121.29.1/32
Zone: Untrust

Polocies
name: Monster
Source Address: Any
Destination Address: Address Book Entry->Monster
Service:Any
Applicaiton:None
Action:Deny

Still able to browse monster.com
0
 
ccreamer_22Commented:
That's because they have multiple sites using BGP. You block 1 ip and another one reroutes it through another ip. What you have to do is research them by blocking 1 ip then trace route to them again and block the next ip until none of their ip addresses for the website can be found. This is a long task, but it is the solution. These firewalls are not really ment to be used like this. Try it on another site not using BGP to test it. Like nypl.org. The ip is 65.88.89.108. If you block it, you wont be able to get to the web site.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now