Nusferatu
asked on
Cyberoam CR25ia Firmware Version 10.6.5 is not blocking Youtube , Facebook or any webtraffic that is using https
Cyberoam CR25ia Firmware Version 10.6.5 is not blocking Youtube , Facebook or any webtraffic that is using https, is there a way to block such traffic without applying certificates to all users browsers?
Unit is deployed in Bridge mode and there's no LDAP integration.
Appreciate your help
Unit is deployed in Bridge mode and there's no LDAP integration.
Appreciate your help
ASKER
Definitely understood my friend, both Https scanning along with Application Filters are applied, still the issue persists, HTTPS traffic that I desire to block remains unblocked.
OK, so you may have to create a rule for DNS traffic on top of the firewall rule set to allow the DNS queries to reach the DNS servers in order to make the authentication functionality work properly. Hence this traffic is not scanned by the application filter, which in turn allows users will be able to access YouTube.
Does that make sense?
Does that make sense?
So, you can block this traffic by applying a application filter policy in a newly created DNS rule. The Application Signature YouTube Website, identifies the DNS queries for YouTube domain.
Now when a user tries to access youtube.com the DNS query is blocked.
I prefer SonicWALL's approach to this...it is far less convoluted without any workarounds.
Let me know if you have any questions!
1. Locate the Application signature called YouTube Website, which identifies the DNS queries for YouTube domain;
2. Create an Application Filter Policy called YouTube_DNS with application signature YouTube Website , action set to Denied;
3. In the DNS rule (LAN>WAN), under Security Policies > Application Filter, add YouTubeDNS.
2. Create an Application Filter Policy called YouTube_DNS with application signature YouTube Website , action set to Denied;
3. In the DNS rule (LAN>WAN), under Security Policies > Application Filter, add YouTubeDNS.
Now when a user tries to access youtube.com the DNS query is blocked.
I prefer SonicWALL's approach to this...it is far less convoluted without any workarounds.
Let me know if you have any questions!
ASKER
Thank you my friend, sad to say that this has been applied as well and it is not working the traffic still pass through.Although that solution is not the ideal since it will block the traffic for all users behind the firewall I thought of giving a go months ago and it didn't work.
The absence of an LDAP is making it a bit hard, the only thing I didn't try yet is applying browsers certificates generated from the Cyberoam unit as this will bring more grief than solving a problem due to the nature of the users being dealt with, they might end up blaming the browsers certificate for the problem they have with their oven. Plus the certificate solution is hard to roll-out in the absence of a GPO, need to find a way to apply it directly on the CR unit.
Cheers and thank you
Sherif Fouad
The absence of an LDAP is making it a bit hard, the only thing I didn't try yet is applying browsers certificates generated from the Cyberoam unit as this will bring more grief than solving a problem due to the nature of the users being dealt with, they might end up blaming the browsers certificate for the problem they have with their oven. Plus the certificate solution is hard to roll-out in the absence of a GPO, need to find a way to apply it directly on the CR unit.
Cheers and thank you
Sherif Fouad
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
With Content Filtering, by itself, it cannot block HTTPS effectively because it plainly cannot view the content and HTTPS is convertered to an IP address.
The only way to truly filter/block HTTPS is either:
• Application Filter
Let me know if you have any other questions!