• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

block all sites but allow a select few?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> HTTP Filtering >> block all sites but allow a select few? Page: [1]
Login
Message << Older Topic   Newer Topic >>
block all sites but allow a select few? - 24.Feb.2006 3:22:14 PM   
peppereyes

 

Posts: 19
Joined: 20.Sep.2005
From: uk
Status: offline
is ther a way to block everything but only allow a few site's to be used?


Post #: 1
RE: block all sites but allow a select few? - 24.Feb.2006 6:46:57 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
hi,

simplest way is :


Action : Deny
Protocols : All Outbound Protocols
From : Internal
To: External Except Approved_Sites
Condition: All Users

Create a new Domain Name Set , add the sites you approve you users to surf, then  create this Deny rule and add the Approved_sites( the domain name set you just created) to the exception of the Destination Network.

in this way you will be allowing your users to surf only approved sites.
if you dont require all protocols for your users , then select only your required protocols.


HTH

< Message edited by elmajdal -- 24.Feb.2006 6:48:26 PM >

(in reply to peppereyes)
Post #: 2
RE: block all sites but allow a select few? - 24.Feb.2006 6:56:23 PM   
LLigetfa

 

Posts: 2187
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
No need for a deny rule, the default rule does that.  Just need the specific allow rules.

_____________________________

The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.

(in reply to elmajdal)
Post #: 3
RE: block all sites but allow a select few? - 24.Feb.2006 8:01:38 PM   
peppereyes

 

Posts: 19
Joined: 20.Sep.2005
From: uk
Status: offline
how do i make a Approved_sites rule?

thanks for the help so far


(in reply to elmajdal)
Post #: 4
RE: block all sites but allow a select few? - 24.Feb.2006 8:08:17 PM   
LLigetfa

 

Posts: 2187
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
An Approved_sites rule would be almost identical to the one Tarek provided.
quote:

Create a new Domain Name Set , add the sites you approve you users to surf, then create this Deny rule and add the Approved_sites( the domain name set you just created) to the exception of the Destination Network.

Only difference is you would put the destination set in the destinations field instead of exceptions.

_____________________________

The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.

(in reply to peppereyes)
Post #: 5
RE: block all sites but allow a select few? - 25.Feb.2006 10:47:41 AM   
peppereyes

 

Posts: 19
Joined: 20.Sep.2005
From: uk
Status: offline
thats for the help i'll give it a go and let you know how i got on..

John

(in reply to LLigetfa)
Post #: 6
RE: block all sites but allow a select few? - 25.Feb.2006 11:00:35 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
hi,

these might help u :

http://www.isaserver.org/articles/2004domainnamesets.html

http://www.isaserver.org/articles/2004firewallblocklist.html

(in reply to peppereyes)
Post #: 7
RE: block all sites but allow a select few? - 26.Feb.2006 9:21:32 AM   
peppereyes

 

Posts: 19
Joined: 20.Sep.2005
From: uk
Status: offline
thanks for the help guys that was just the job :-)
now all i have to do is figure out why i keep getting an error on my firewall and i'll be happy


(in reply to elmajdal)
Post #: 8
RE: block all sites but allow a select few? - 26.Feb.2006 10:58:44 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
 

OK... and the Error is ... ?

(in reply to peppereyes)
Post #: 9

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> HTTP Filtering >> block all sites but allow a select few? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts