How do I block specific domains (pandora.com, etc.) in the Sonicwall? It seems like this would happen in the CFS but do I need a subscription for this? I don't want to subscribe to Sonicwall's filtering list, I just want to block a couple specific domains.
We have an RVS-4000 router that we use as an Internet gateway on our school network. I am trying to set up an Internet Access Policy to block some specific websites by URL using a domain name. I set up the policy, and added a PC to the list using the mac address, and the blocking did not work. I went back to the list and added the IP address of the same PC, the policy still did not work to block the domain. I rebooted the router, cleared the Internet Temporary files and history on the PC, and the policy still does not work. It acts like it is going to block access to the website because it takes a long time, but it will eventually connect.
How to configure the 825 to block inbound traffic from a specific internet IP address ?i noticed an IP and MAC that i don't recognize that is listed as a connection to my NAS's media server ...i blocked it in the NAS configuration page, but i don't want any unsolicited traffic into my network.
I dont mean a website like facebook.com, but i want it to block an individual page,such as a profile page, yet still be able to access the rest of the site? Again i'm not after facebook settings etc, but i want to restrict access to certain webpages within Lan.
I have the Qwest/Actiontec Q1000 modem/router. I go to the ip address using my web-browser and open up advanced configurations -> access scheduler. I select a computer (and it automatically adds the MAC address) and then the days/times I want the internet to be accessible. However, when I click "add" (to add my internet allowance to the scheduler list) it just says 12:00 to 0:00, which is essentially permanently blocking the internet for that computer.
I have an 1841 between my firewall and the ISP. Three interfaces - multilink to ISP, FA to my firewall, and FA to my inside network. I use the inside interface for configs aand snmp access, etc. Only my ISP-assigned fixed address block will get routed to the multilink by the ISP but I am nervous about the inside interface sitting on my LAN. I know I can remove it, but if I keep it there, how can I set up an ACL so that all traffic from the multilink interface is denied to the inside interface? I suppose another way to think about it that the inbound iface can only accept traffic from its own outside, not from the router.I think this is fairly simple but I don't want to knock down the traffic if I get it wrong.
I have Cisco ASA 8.0(5) and I need to block specific url to acees my https server in dmz ?I read about websence technology, but I think it's not free right? Also I read abotu policy inspection map's but in my case is HTTPS not http ..
I have a WAG160Nv2 and I want to block specific external ip addresses from trying to get at our server that uses the WAG160Nv2 as an internet gateway. It's not immediately obvious if this can be done from looking through the config pages.
if the firewall rules in the RVL200 work for inter LAN routing as well as LAN<->WAN? I need 2 separate networks in a house, 1 for business 1 for family, and I want to only allow my IP on network 1 (family net,10.0.0.0/24) access to network 2 (business net 10.0.1.0/24). I want this as if I change rooms were a access point for business is not available I can use the home net and specific IP to access certain business net IPs. I saw you can turn inter vlan routing on or off, but it wasn't clear on firewall rules.know of a similar router in cost but with gige instead of 100Mb ports?
I'm using an ASA5505 (8.4(1)) and would like to block port 80 on a specific host in the LAN so machines in other remote LANs connected via VPN can't access this port on the host. Devices in the local LAN should have access to this port on the host. Here are the commands I'm using:
-access-list block_port extended deny tcp any host 10.20.10.20 eq 80 -access-list block_port extended permit ip any any -access-group block_port out interface inside
These commands are not working as I would expect them to. When I browse to http://10.20.10.20 from a remote machine over the VPN tunnel I am able to access the host web server.
I have arequirement where in I need to allow only specific vendor made desktops/laptops to be connected to the switch and block the rest. Say I want only the HP made Laptops to be connected on the Network. and block all other vendors. such as dell, ibm etc.
I am having Catalyst 4500 switches in My network. i tried using the mac access list using the permit and deny statement and then mapping the access list to the vlan access map and then filter using the vlan id. But this doesnt work on cat 4500....the same I tested for 2950 switch and it works perfectly. are there any restrictions on 4500 or any extra configuration has to be done.
How to block a specific website with a specific time (office hours) for example "facebook" I want to block facebook within 8AM - 12Noon then 12-1 they can access the website, then 1-4 block again the website .
I was wondering if it was possible to block imessage to specific clients on the EA6500.These are the ips apple uses for imessage I need to create a firewall rule that blocks these ips from reaching a specific client on the network.
I have a Belkin N750 router which I purchased because the box said it had filtering options. I didn't realize that the filtering was only sites that Norton kept track of. There are certain adware sites I know about that I would like to filter. Possible with this router?
Is it possible to enable an absolute value rate limit using QOS on a HP ProCurve 5406 switch for a particular IP range on a specific port? Is there a way to configure our HP 5406 with an absolute rate limit on "WAN" port for that server's IP range? I would like to limit it to only being capable of sending 1Mbps worth of traffic over the head end at once.Everything in the documentation points towards priority queues, which as far as I can tell, isn't really what I want.Baring accomplishing this goal using rate limiting is there a better way to prevent our services from accidentally saturating this connection?i thimkong about somthing like that:
class ipv4 rate-limit-port-A1 match ip 10.136.0.0/16 any exit policy qos port-a1-ratelimit class servers-to-be-slowed action rate-limit kbps 1000 exit interface A1 service-policy port-a1-ratelimit inI'm not sure about this.
I use a router RV082 with load balancing. My problem is when I try to access a specific site, I get the error message that my IP address changes and I can not use 2 ip address. I want to specify an ip range to always use the same WAN port.
Need assistance understanding how in ASDM/Configuration/Site-to-Site VPN/Connection Profiles/ "Any Entry" I can specify that I only want to offer an IKE Proposal of pre-share-aes-256-sha?
The IKE Proposal field has a number of possible options including: pre-share-aes-256-md5, pre-share-3des-md5, pre-share-aes-256-sha, pre-share-aes-192-sha, pre-share-3des-md5, pre-share-aes-sha and pre-share-3des-sha.
I am able to pick a specific IPSec Proposal w/o issue but when I attempt to do the same for the IKE Proposal, and click OK the choice does not "stick" but rather returns to the entire list as defined above.
My company bought another company and moved them into our building. the company moved in but are on an entirely different network all together. wired separately, different domains.what i would like to do is be able to have them communicate with each other. have users on company A be able to use printers on company B's side of the network.
My company have just set up a new subsidiary. I have had a request from my Managing Director asking if it is possible for us to share calendars with the other company so if he wants to make a meeting appointment he can check if Joe Bloggs from the subsidiary is free.There is domain A (parent company) and domain B (subsidiary)Both us and the subsidiary are currently running Microsoft Exchange 2007 on windows SBS 2008 server with mainly windows 7 clients with Outlook 2007-2010?Is it possible to share calendars between the 2 domains?
We are trying to set up ACS 5.2 in our multi-forest AD environment. As part of our evaluation we set up an Active Directory External Identity Store to a domain (a.b.edu). It connects properly and I can see the directory groups in the that tab when we Select. This domain (a.b.edu) has a two way trust with another domain in another forest (x.y.b.edu). However, I do not see the groups in that domain and I cannot seem to manually add those groups using the Add on the free text Group Name.
The documentation is not clear on this point: Page 8-41 and 8-42 of the "User Guide for the Cisco Secure Access Control System 5.2) says: "The External User Groups dialog box appears displaying a list of AD groups in the domain, as well as other trusted domains in the same forest." This implies to me that it cannot cross forests even though a trust is set up. This seems to be what is happening.
Currently, my company runs a DC and exchange server in the building. It is also hosting our website with IIS7. All AD users currently have @company1.com.au email addresses.We have just started an off shoot company and would like to setup emails in exchange so that we can automatically assign and manage emails on the same exchange server. so that each user hasWhat is the best way to do this?At the moment, company2.com - company is hosted outside with someone else. Is there a way that he can direct the mail to us so that he hosts the website but we host the email server?
I've been tasked with designing a network consisting of 3 separate broadcast domains with each one representing a separate business accross 3 separate floors. None of the companies should be able to communicate with each other.I've been told that the design should only represent the first 3 layers of the OSI model so I'm only looking at Cabling, Switching and Routing.
I don't expect you all to tell me exactly how I should do this, however I just need a starting point. My main issue is with routing. I'm aware that each port on a router represents a broadcast domain so if I use one router, 3 broadcast domains, does that means that none of the domains will be able to communicate with each other? Should I use more than one router or can i get away with one? Also just so you are aware I've been told not to use VLans and each broadcast domain must have its own ip address schema.