How to block video on backup WAN only


#1

I’m a new Peplink Balance 20 user and am setting it up on a home network primarily for failover to a backup USB cell modem in case the broadband cable WAN1 goes down. Is there a simple way to always block video traffic, like Netflix, YouTube, Amazon movie streaming, etc. from WAN3 (and only WAN3)? If not, can Domain Name be added to Inbound firewall rules OR WAN added to outbound rules?..

Or better yet, maybe add a WAN option to Content Blocking? I’m sure there may be other high bandwidth traffic apps/sites that I’d like to ban from the cell modem, but since this network is often used for working from home, I would definitely also like to allow most everything else - email, web-surfing, VOIP, Skype, etc. Just don’t want the kids streaming video/movies/music when the cable happens to go down!


#2

You may configure Outbound Policy (with domain name) to force these traffics to WAN1. You may find all related domains for https://www.youtube.com/watch?v=(http://www.peplink.com/knowledgebase/use-peplinks-firewall-feature-to-block-netflix/) in our knowledge base.


#3

So I’m on firmware version 6.3.1 which appears to be the latest for a Balance 20 and I don’t see an option to choose a WAN for the Outbound policy - this is only available on Inbound. Am I missing something?


#4

I think you are referring to outbound firewall rules but instead you need to make a custom outbound rule. Just go to the Network heading and then click on Outbound Policy on the left side.

Instead of entering in multiple rules for all the different domains there is another option. You could just create a DHCP reservation for all of the devices you don’t want to be able to use the cellular connection. Then create an outbound policy rule for each IP address: Source = IP address of the device, Destination = Any, Algorithm = Enforced, WAN = 1.


#5

OK, got it. Thanks TK & Tim for the prompt responses! This gets me part-way there. I still want to allow most of the devices to use WAN3, just not video, etc. So it looks like I am going to have to set up rules for all the domain names that I can think of, unless there are specific protocol services to restrict that will achieve the same thing?


#6

I’m good. Ended up w/rules combining both your suggestions. Added the Netflix & YouTube outgoing domain rules for all devices to be enforced to WAN1 and also enforced WAN1 access for all individual IP addresses for TV’s, TiVos, PS4, etc.

ThankyouThankyouThankyou!


#7

Awesome :up: