Solved

block ip address with sonicwall pro 2040 enhanced

Posted on 2009-07-02
6
2,405 Views
Last Modified: 2013-11-22
We need to block particular websites from users.
I need to setup rules on our 2040pro with enhanced OS to block them.

I have been reading the manual and it is all a bit confusing. Could someone(s) show me the light?

Let's use an example. Say I want to block youtube.com
How would I set up the rules for that?

Thanks
0
Comment
Question by:05fdml
  • 3
  • 3
6 Comments
 
LVL 32

Expert Comment

by:dpk_wal
ID: 24788306
This can be done in two ways:
1. Create specific policies which deny access to specific website from the internal network. and/PR
2. Use Security Services -> Content Filter to Restrict web features. HEre you add Forbidden domains. Also, you have options to disable all web traffic except for Allowed Domains.

For option 2 to work, the traffic must be strictly web traffic, if it is any traffic other than web traffic, for eg, P2P, messenger, etc, then option 2 would not work. It works for HTTPS traffic but only IP based rather than URL based.

Option 1 would always work irrespective of the port/protocol used to access the website(s) in question; however, you would need to provide an extensive list of public IP address for the websites and include all possible IPs when configuring the policy.
And, if a website is heavily mirrored, example www.yahoo.com, you would need to keep updating  the policy with all the modifications as and when there are modifications to the mirror addresses [making the task cumbersome and very tough].

Please let know if you need more details.

Thank you.
0
 

Author Comment

by:05fdml
ID: 24789369
We need to go with option number 1.
Users have found a way around the content filter - using the ip address of the site. Since we now need to enter the ip address in as well as the website name, it is best if we learn to use the rules, etc. to block certain sites

Also, we don't want to advertise that were are blocking (as with the content filter), we just want them to think they can't get there.

We are using sonicwall pro 2040 with enhanced os version 4.

any further info would be helpful

thanks
0
 

Author Comment

by:05fdml
ID: 24789518
For instance:

We want the LAN users to not be able to access WAN IP 198.68.70.12

0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 32

Expert Comment

by:dpk_wal
ID: 24792737
Go to Firewall->Access rules,
1. Click Add at the bottom of the Access Rules table.
2. In the General tab, select Deny from the Action list.
3. Select "LAN" in from and "WAN" in to zones.
4. Select HTTP from the Service list [or a pre-created custom service if the case be].
5. Leave source as ANY.
6. Select 198.68.70.12 [destination] from the Source list. If not already added, select Create New Network and then add under Add Address Object.
7. Leave rest fields to default and click OK.

Thank you.
0
 

Author Comment

by:05fdml
ID: 24920347
in the add address object there is a tab zone assignmnet.

IT defaults to "Lan". SHould it be changed to "WAN"?

in the type drop down, should it be left as "host"?


Thanks!@
0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 24922358
The zone depends on the place where the address resides, continuing from my last post, if we want to create address on step 6, we would select WAN [there is a correction, I should have written "Destination list" there instead of "Source list"].

drop down type would be host, as you would add individual IP address(es) of the server(s). If you wish to add host range [continuous IPs] or IP subnet then the drop down options change accordingly.

Thank you.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Have you ever tried to find someone you know on Facebook and searched to find more than one result with the same picture? Perhaps someone you know has told you that they have a 'facebook stalker' or someone who is 'posing as them' online and ta…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question