Blocking domains


#1

Is it possible to block entire domains like .ru and .cn?


#2

Blocking an entire top level domain is not possible with our firewall. You can place a wildcard at the end and it will block all access for a specific hostname, for example blocking foobar.* will block foobar.com, foobar.ru, foobar.cn, etc.


#3

I have a Balance 20 for our company. I’d like to block Netflix.com so our employees can’t watch Netflix at work. I’m not seeing anywhere to block that domain in the setup. The firewall rules all seem to be IP based and don’t allow domain rules. The QOS rules are practically the same. They block certain streaming protocols, but have nothing to do with domain names. We use video streaming at my company so I can’t just start blocking whole protocols. I need to block specific domain names only. How do I do that?


#4

To block by domain name please ensure that you are on current firmware 5.4.9. Firmware can be downloaded from our main website http://www.peplink.com/support/downloads/balance-firmware-and-user-manual


#5

Be sure your Balance 20 is on the current version of firmware for this feature.


#6

I just upgraded to FW to v5.4.9 and I’m still not seeing where to set this option?


#7

You should see this by going to the following. Network>Firewall>Access Rules>Add Outbound Firewall Rule>Destination IP (Drop Down Menu).



#8

That works nicely. Not sure why you guys buried it like that. It’s a fantastic feature that should be on the left menu, or the Inbound rules.


#9

:frowning: I added netflix.com, youtube.com, facebook.com, tumblr.com, and hulu.com to the list. It seems to work but now google.com sometimes never comes up. What’s the deal? Do I need to make sure that the Peplink router is my main DNS server? Right now I have 8.8.8.8 as my DNS1.


#10

8.8.8.8 works fine as a DNS server, or you can use the one provided by your ISP. google.com not coming up is unrelated to the blocking of domains.


#11

Depending where you are, and which ISP serves you, the youtube a google might be on the same IP or subnet /24. Also see this thread:
https://forum.peplink.com/threads/2101-custom-rules-needed-for-some-sites


#12

Hello, I am trying to do the same thing. Question though: Why not use “Web Blocking” instead of “Access Rules”. Does this produce the same result? Or is it better to do through Access Rules?


#13

I have facebook and youtube blocked on the workstations. I would like to know how to block these sites on mobile phones and Ipads.
Is this possible tru the web blocking feature of Balance 380? Thanks…


#14

Web Blocking is doing packet inspection inside HTTP header and determine it should be filter or not, but it won’t works on HTTPS as it is encrypted. Access Rules will determine the IP of the domain name during the workstations perform DNS lookup across the Peplink/Pepwave MAX unit. It works with HTTP, HTTPS and other traffic. But in some situation, for example, youtube.com and google.com are using same IP address, if you blocked youtube.com, google.com may also be blocked.

Both blocking features “Web Blocking” and “Access Rule” work with the workstation which domain name lookup are passthrough the Peplink/Pepwave MAX unit. Therefore, when mobile phones and tablets are using WiFI and visit Internet through our unit, those devices will also have blocking features enabled.


#15

Its working right now. Im using the "Access Rule. Thank you for your inputs Mr. Chan.