Solved

block ip address with sonicwall pro 2040 enhanced

Posted on 2009-07-02
6
2,399 Views
Last Modified: 2013-11-22
We need to block particular websites from users.
I need to setup rules on our 2040pro with enhanced OS to block them.

I have been reading the manual and it is all a bit confusing. Could someone(s) show me the light?

Let's use an example. Say I want to block youtube.com
How would I set up the rules for that?

Thanks
0
Comment
Question by:05fdml
  • 3
  • 3
6 Comments
 
LVL 32

Expert Comment

by:dpk_wal
ID: 24788306
This can be done in two ways:
1. Create specific policies which deny access to specific website from the internal network. and/PR
2. Use Security Services -> Content Filter to Restrict web features. HEre you add Forbidden domains. Also, you have options to disable all web traffic except for Allowed Domains.

For option 2 to work, the traffic must be strictly web traffic, if it is any traffic other than web traffic, for eg, P2P, messenger, etc, then option 2 would not work. It works for HTTPS traffic but only IP based rather than URL based.

Option 1 would always work irrespective of the port/protocol used to access the website(s) in question; however, you would need to provide an extensive list of public IP address for the websites and include all possible IPs when configuring the policy.
And, if a website is heavily mirrored, example www.yahoo.com, you would need to keep updating  the policy with all the modifications as and when there are modifications to the mirror addresses [making the task cumbersome and very tough].

Please let know if you need more details.

Thank you.
0
 

Author Comment

by:05fdml
ID: 24789369
We need to go with option number 1.
Users have found a way around the content filter - using the ip address of the site. Since we now need to enter the ip address in as well as the website name, it is best if we learn to use the rules, etc. to block certain sites

Also, we don't want to advertise that were are blocking (as with the content filter), we just want them to think they can't get there.

We are using sonicwall pro 2040 with enhanced os version 4.

any further info would be helpful

thanks
0
 

Author Comment

by:05fdml
ID: 24789518
For instance:

We want the LAN users to not be able to access WAN IP 198.68.70.12

0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 32

Expert Comment

by:dpk_wal
ID: 24792737
Go to Firewall->Access rules,
1. Click Add at the bottom of the Access Rules table.
2. In the General tab, select Deny from the Action list.
3. Select "LAN" in from and "WAN" in to zones.
4. Select HTTP from the Service list [or a pre-created custom service if the case be].
5. Leave source as ANY.
6. Select 198.68.70.12 [destination] from the Source list. If not already added, select Create New Network and then add under Add Address Object.
7. Leave rest fields to default and click OK.

Thank you.
0
 

Author Comment

by:05fdml
ID: 24920347
in the add address object there is a tab zone assignmnet.

IT defaults to "Lan". SHould it be changed to "WAN"?

in the type drop down, should it be left as "host"?


Thanks!@
0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 24922358
The zone depends on the place where the address resides, continuing from my last post, if we want to create address on step 6, we would select WAN [there is a correction, I should have written "Destination list" there instead of "Source list"].

drop down type would be host, as you would add individual IP address(es) of the server(s). If you wish to add host range [continuous IPs] or IP subnet then the drop down options change accordingly.

Thank you.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (http://www.experts-exchange.com/M_3598771.html), the Zone Advisor for the Virus and …
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now