Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

how to block https facebook.com?

Posted on 2011-03-02
22
Medium Priority
?
7,739 Views
Last Modified: 2012-05-11
I blocked facebook.com  and youtube.com in firewall and  users cant open this sites.

but when they try to open  https://facebook.com or  https://youtube.com my block rule dont works...

how can i block https://facebook.com and Https://youtube.com ???

We use sonicwall firewall.
0
Comment
Question by:Mirceyhun
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 9
  • 2
  • +2
22 Comments
 
LVL 7

Expert Comment

by:wparrott
ID: 35017129
Easiest way is with the SonicWall SSL Control Feature.

Here's a link to step-by-step instructions:

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5853&formaction=catalert

HTH,

-W
0
 

Author Comment

by:Mirceyhun
ID: 35017292
sorry... but it didnt help... (
0
 
LVL 6

Expert Comment

by:alienXeno
ID: 35017365
You can just blackhole these sites in your internal corp DNS. redirect them to some internal webserver hosting a block page  or just resolve them to 127.0.0.1.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:Mirceyhun
ID: 35017546
Our VIP users must be able to open Facebook and Youtube...
0
 
LVL 33

Expert Comment

by:digitap
ID: 35017654
what model of sonicwall do you have? is it enhanced or standard OS?

i think you need to enable the following on your sonicwall: go to security services > content filter > Configure > check Enable IP based HTTPS Content Filtering.
0
 

Author Comment

by:Mirceyhun
ID: 35017726
Sonicwall nsa2400

IP based HTTPS Content Filtering  enabled... but didnt help
0
 
LVL 33

Expert Comment

by:digitap
ID: 35017753
reading through the comments again, i see some contradiction. you say in your question that you want to disable https://facebook.com, but then i see you need it opened? can you elaborate on this a little?
0
 
LVL 2

Expert Comment

by:Akash Bansal
ID: 35017833
i am having the similar issue, I have CISCO RVS4000 with protectlink security service which helps me to block web category
It blocks facebook.com but when the user put https://facebook.com it does not block the site.
I do not want to modify LMHOST on each computer.
0
 
LVL 33

Expert Comment

by:digitap
ID: 35019370
@Mirceyhun :: doing some more looking, i discovered the KB below.

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3590

with that, if you use the following public IPs to suplement that check box checked in the forbidden domain, 69.63.181.12, 69.63.189.11, 69.63.189.16, i think you'll find that https://www.facebook.com will be blocked.

@BansalAkash :: Do you currently have a question open for this particular issue?
0
 

Author Comment

by:Mirceyhun
ID: 35027632
Ip blocking didnt help
0
 
LVL 33

Expert Comment

by:digitap
ID: 35027703
clarification, you need facebook blocked whether HTTP or HTTPS, right? currently, on ANY workstation, facebook for HTTP is being blocked, but ANY workstation that tries to connect at HTTPS for facebook isn't blocked, right?

so, the content filter IS working, but not for ANY HTTPS sites, right?
0
 
LVL 2

Expert Comment

by:Akash Bansal
ID: 35028158
@digitap its true in my case
No I haven't opened any case for this question
0
 

Author Comment

by:Mirceyhun
ID: 35029524
@ yes you are right
0
 
LVL 33

Expert Comment

by:digitap
ID: 35029573
ok...let's change things up a bit. review the kb below. it walks through using the application firewall. are you licensed for that?

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8190
0
 

Author Comment

by:Mirceyhun
ID: 35053416
I tried it. but users still can access https facebook ((
0
 
LVL 33

Expert Comment

by:digitap
ID: 35053427
something else is going on. i can't say for certain without seeing your settings. is the firmware up to date on your sonicwall? sorry, if that's already been covered.
0
 

Author Comment

by:Mirceyhun
ID: 35053455
our license expired in 25.02.2011. new license will come in aprel... but i dont think that is a reason... because everythink works fine yet. and we can block sites. only https sites are problem.
0
 
LVL 33

Expert Comment

by:digitap
ID: 35053469
i know it seems hard to believe, but you've followed all of the KBs i've posted so it the only thing left i can think of is the firmware. what version are you currently on?
0
 

Author Comment

by:Mirceyhun
ID: 35053596
5.6.0.10-52 - firmvare version
0
 
LVL 33

Accepted Solution

by:
digitap earned 2000 total points
ID: 35064833
you have the version right before the Early Release, which is at version 5.8.0.2-37o. Early Release is not beta and includes fixes but also features that have not been enabled yet. i've been instructed by support to install Early Release firmware to resolve issues. also, i've seen early release firmware resolve issues that were not in the release notes.

by the way, your current issue is NOT mentioned in the release notes.
0
 

Author Closing Comment

by:Mirceyhun
ID: 35068094
thanks i will try
0
 
LVL 33

Expert Comment

by:digitap
ID: 35068973
ok...report back one way or the other. i don't want to claim the points if this wasn't the solution, although i appreciate the points.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
Check out what's been happening in the Experts Exchange community.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question