Solved

How to block facebook in Firewall Juniper SSG320m? any idea?

Posted on 2014-02-03
8
1,868 Views
Last Modified: 2014-02-10
Hi EE's

Any please help me to block https://facebook.com from my network. I am using Juniper SSG 320m. I not an expert in Juniper. Please help.

Regards
Shamil
0
Comment
Question by:Shamil Mohamed
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
8 Comments
 

Expert Comment

by:nitintembhare
ID: 39831690
Use Integrated Web filtering feature for blocking the specific web URL.
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39831694
where i need to Integrated web filtering feature?
0
 

Expert Comment

by:nitintembhare
ID: 39831713
The Integrated web filtering feature has to be subscribed from juniper.........
0
Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

 
LVL 69

Expert Comment

by:Qlemo
ID: 39831809
The only other way is to block traffic to all facebook site IPs. The reported ones are
  65.201.208.24/29
  65.204.104.128/28
  66.93.78.176/29
  66.199.37.136/29
  66.220.144.0/20
  67.200.105.48/30
  69.63.176.0/20
  66.92.180.48/28
  69.171.224.0/19
  73.252.64.0/18
  74.119.76.0/22
  204.15.20.0/22
or, in short, hellofalot. You can create a "Reject" policy for HTTP and HTTPS to those adress blocks - or, more smart, fake DNS entries for facebook in your local DNS server. Faking is done by creating
   www.facebook.com
   facebook.com
   login.facebook.com
all with IP 127.0.0.1 (own machine).
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39845068
Mr Qlemo,

thanks alot for your idea.. But can u please help me how to

"Faking is done by creating
   www.facebook.com
   facebook.com
   login.facebook.com
all with IP 127.0.0.1 (own machine). "

Please..

Thank you
0
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 39845163
If you have an own DNS server running, you'll need to create host entries (type "A") there. Open the DNS Manager, go to "Forward Lookup Zones", create a folder "facebook.com", and create the entries "login", "www" and an empty one, all with 127.0.0.1 as IP.

If you don't use a DNS server, you'll have to open %WinDir%\system32\drivers\etc\hosts, and insert
127.0.0.1   www.facebook.com
127.0.0.1   facebook.com
127.0.0.1   login.facebook.com
there - on each client. This is, of course, unreliable, as everybody is able to remove those entries again if not specially protected.
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39846300
this actually works bro...

thank you..
0

Featured Post

Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question