Solved

how to block https facebook.com?

Posted on 2011-03-02
22
7,511 Views
Last Modified: 2012-05-11
I blocked facebook.com  and youtube.com in firewall and  users cant open this sites.

but when they try to open  https://facebook.com or  https://youtube.com my block rule dont works...

how can i block https://facebook.com and Https://youtube.com ???

We use sonicwall firewall.
0
Comment
Question by:Mirceyhun
  • 9
  • 9
  • 2
  • +2
22 Comments
 
LVL 7

Expert Comment

by:wparrott
ID: 35017129
Easiest way is with the SonicWall SSL Control Feature.

Here's a link to step-by-step instructions:

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5853&formaction=catalert

HTH,

-W
0
 

Author Comment

by:Mirceyhun
ID: 35017292
sorry... but it didnt help... (
0
 
LVL 6

Expert Comment

by:alienXeno
ID: 35017365
You can just blackhole these sites in your internal corp DNS. redirect them to some internal webserver hosting a block page  or just resolve them to 127.0.0.1.
0
 

Author Comment

by:Mirceyhun
ID: 35017546
Our VIP users must be able to open Facebook and Youtube...
0
 
LVL 33

Expert Comment

by:digitap
ID: 35017654
what model of sonicwall do you have? is it enhanced or standard OS?

i think you need to enable the following on your sonicwall: go to security services > content filter > Configure > check Enable IP based HTTPS Content Filtering.
0
 

Author Comment

by:Mirceyhun
ID: 35017726
Sonicwall nsa2400

IP based HTTPS Content Filtering  enabled... but didnt help
0
 
LVL 33

Expert Comment

by:digitap
ID: 35017753
reading through the comments again, i see some contradiction. you say in your question that you want to disable https://facebook.com, but then i see you need it opened? can you elaborate on this a little?
0
 
LVL 2

Expert Comment

by:Akash Bansal
ID: 35017833
i am having the similar issue, I have CISCO RVS4000 with protectlink security service which helps me to block web category
It blocks facebook.com but when the user put https://facebook.com it does not block the site.
I do not want to modify LMHOST on each computer.
0
 
LVL 33

Expert Comment

by:digitap
ID: 35019370
@Mirceyhun :: doing some more looking, i discovered the KB below.

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3590

with that, if you use the following public IPs to suplement that check box checked in the forbidden domain, 69.63.181.12, 69.63.189.11, 69.63.189.16, i think you'll find that https://www.facebook.com will be blocked.

@BansalAkash :: Do you currently have a question open for this particular issue?
0
 

Author Comment

by:Mirceyhun
ID: 35027632
Ip blocking didnt help
0
 
LVL 33

Expert Comment

by:digitap
ID: 35027703
clarification, you need facebook blocked whether HTTP or HTTPS, right? currently, on ANY workstation, facebook for HTTP is being blocked, but ANY workstation that tries to connect at HTTPS for facebook isn't blocked, right?

so, the content filter IS working, but not for ANY HTTPS sites, right?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 2

Expert Comment

by:Akash Bansal
ID: 35028158
@digitap its true in my case
No I haven't opened any case for this question
0
 

Author Comment

by:Mirceyhun
ID: 35029524
@ yes you are right
0
 
LVL 33

Expert Comment

by:digitap
ID: 35029573
ok...let's change things up a bit. review the kb below. it walks through using the application firewall. are you licensed for that?

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8190
0
 

Author Comment

by:Mirceyhun
ID: 35053416
I tried it. but users still can access https facebook ((
0
 
LVL 33

Expert Comment

by:digitap
ID: 35053427
something else is going on. i can't say for certain without seeing your settings. is the firmware up to date on your sonicwall? sorry, if that's already been covered.
0
 

Author Comment

by:Mirceyhun
ID: 35053455
our license expired in 25.02.2011. new license will come in aprel... but i dont think that is a reason... because everythink works fine yet. and we can block sites. only https sites are problem.
0
 
LVL 33

Expert Comment

by:digitap
ID: 35053469
i know it seems hard to believe, but you've followed all of the KBs i've posted so it the only thing left i can think of is the firmware. what version are you currently on?
0
 

Author Comment

by:Mirceyhun
ID: 35053596
5.6.0.10-52 - firmvare version
0
 
LVL 33

Accepted Solution

by:
digitap earned 500 total points
ID: 35064833
you have the version right before the Early Release, which is at version 5.8.0.2-37o. Early Release is not beta and includes fixes but also features that have not been enabled yet. i've been instructed by support to install Early Release firmware to resolve issues. also, i've seen early release firmware resolve issues that were not in the release notes.

by the way, your current issue is NOT mentioned in the release notes.
0
 

Author Closing Comment

by:Mirceyhun
ID: 35068094
thanks i will try
0
 
LVL 33

Expert Comment

by:digitap
ID: 35068973
ok...report back one way or the other. i don't want to claim the points if this wasn't the solution, although i appreciate the points.
0

Featured Post

Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now