Blocking IP websites

jst3751

I am trying to block users on the LAN from accessing websites on the WAN that are IP based on a NSA 2600 6.5.4.6-79n

Example: http://10.10.10.123/blahblahblah

I have created a match object: Object type: HTTP URL; Match type: Regex Match; Input: Alphanumeric; Content "https?:\/\/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}.*" (without the quotes)

I have created an App Rule: Policy type: HTTP Client Request; Match Object: above object; Action Object: Blocked HTTP; ANY ANY ANY; To Service: (2 rules one for HTTP and one for HTTPS); Direction: LAN>WAN

The rules are not catching anything.

Any help-suggestions appreciated.

Saravanan

Hi @JST3751,

Welcome to SonicWall Community.

Looks like you wanna block the websites based on their IP addresses. If yes, please use firewall access rule feature in the SonicWall for this purpose/requirement. Please take a look at the below KB article for reference and follow the same logic.

https://www.sonicwall.com/support/knowledge-base/using-firewall-access-rules-to-block-incoming-and-outgoing-traffic/170503532387172/#:~:text=Network%20access%20rules%20take%20precedence,allowing%20this%20type%20of%20traffic.

Hope this helps. Let us know how it goes.

jst3751

https://community.sonicwall.com/technology-and-support/discussion/comment/4439#Comment_4439

No sorry that does not help. I know very well how to create address objects and so forth. That is a manual process to be added AFTER THE FACT.

I need to be able to block users from accessing IP Based websites at the time of attempt, not later.

Saravanan

Hi @jst3751,

Got your situation. So, you are looking to block IP address based URL. Could you confirm this? I can provide suggestions accordingly.