How do I block Websites on TZ370? Doesn't appear to be working....
Blacksuit Newbie ✭
I have enabled Content Filtering but for some reason users can still access sites and not sure what I am missing...I did follow How to allow or block URI and sub-domains using Content Filtering | SonicWall but during my testing on another machine I was able to still get to the sites I placed in the URI.
Yes, I have also enabled DPI-Client "Enabled SSL Client Inspection" and I attached a screenshot of the CF settings in hopes of someone seeing what I may have missed? I have been looking over several documents and options to see why it is not kicking in but I have come to a wall...any suggestions?
Category: Firewall Security Services
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.
Hi @Blacksuit , I haven't looked at your screens as they are a word doc, do you have it in PDF or could you paste the screens directly in to your post?
what browser are you using and when visiting the website what certificate is being used ? is it the DPI-SSL one?
also make sure you block outgoing UDP 443 (Google Quic)
@preston, Didnt know I could paste in here, thanks for the TIP! I am using Edge/Chrome during my tests and I finished up setting the DPI-SSL which was deployed to all my machines via GPO. I finally see hit counters and most sites are being blocked. However, even though I have DPI-SSL enabled users on can still access HTTPS traffic.
@Blacksuit, if you go to Common Names in the DPI-SSL and then connection failures are you seeing "unknown CA" in the logs? if so you'll need to import the CA Certs for those sites in to the SonicWall, I would do this by going to the site and saving the Certificate as file, then importing in to the SonicWall, other than that check this guide out
@preston Thanks for the information! I was able to fix a couple of things going that route but one last question if you could help. How do I block sites with https? Example: disneyplus.com, even though it is on my blacklist, I can still access that site.
Hi Blacksuit, try swapping the URI List Searching Order in the CFS Profile Object you are using (Object / Profile Objects / Content Filter) to Forbidden URI List First and see if this fixes it
@preston I tried that as well
Perhaps I dont have my CFS Exclusion/Inclusion set correctly as the term in confusing me....
Does the Exclude mean dont allow or is it the include mean dont allow these types?
@Blacksuit, make sure you are logged out of the firewall and try again, if it goes to the page refresh the page it should be being blocked it works on mine