D-Link Forums
The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: aroraditya on May 18, 2012, 05:56:44 AM
-
Hello everyone,
i need a small help. I am having a DFL-800 Firewall through which we are blocking facebook and other sites in our office domain network. it block facebook if user open it http://www.facebook.com.
but if any user open it with HTTPS://www.facebook.com firewall didnt block them ???.
please advise how can i block https sites through DFL 800.
thank you very much for advise.
Regards
Aditya
-
you can use opendns filtering or filter https protocol allowing only known https sites
you cannot filter https traffic because of encryption obscure url text
-
The only way to do that with a DFL firewall is to block the HTTPS traffic to the domain ranges used by facebook:
Create a few objects for the IP adresses
FACEBOOK_A 69.171.224.0/19
FACEBOOK_B 66.220.144.0/20
and so on.
After that, create a group that contains all those objects
IP_GP_Facebook FACEBOOK_A, FACEBOOK_B
Create a block rule before all the other rules and that should prevent the access to facebook.
Here's a suggested list of IP adresses:
http://stackoverflow.com/questions/11164672/list-of-ip-space-used-by-facebook