Blocking Websites on ASA 5505
Posted on 2010-08-30
Hi all! I would like to block a couple of websites on my network and have been unsuccessful so far in my pursuit. I have tried blocking via Group Policy using IPSec and also setting up blocked sites on the DC and importing those rules into GP also. IPSec didn't work at all and the other way blocked every site in the OU and not just the sites i chose. I have an ASA 5505 and know that i can more than likely block individual ip addresses via ACL. The problem is i want to block you tube and ebay which have multiple ip address that can be accessed. I've recently put in a snort server and use ntop also to see who's using up bandwith and what sites are being perused throughout the day. Well it seems that I have a user that hasn't listened still after quite a while of telling him not to stream you tube so he can listen to music and i would like to shut it down completely and maybe he'll get the picture. I don't mind some use at all because I have a small network I can stay on top of but I need to get my point across. Any suggestions or solutions that don't require spending any large amounts of cash right now. I know something can be done with what I have in place I either just haven't done it right or haven't found what I need.