I've tried to set the default policy to allow. Then, the website URL set to facebook and such, it lets me go straight to it. What I need is a default policy of deny and allow specific sites. How can any of this work?
I finally had enough time to play with one. Though there is a default policy option of denying all, you can't then allow certain sites. The policy page can have certain sites blocked or certain PCs blocked from everything. Cisco has it covered when it comes to blocking things, but not when you want to allow sites unless it's everything. I don't see any way to block all but specified sites. Guess that's how it comes with the low end. The upper end, rv180 say, can list certain "trusted domains". We've already deployed 110s at all branches. Can't very well ask the owner to buy all 180s.
If anyone knows better than I see, please respond.
Addition: I did successfully allow a site by address through the access table, but that isn't very useful unless you know all the IPs a site uses. Say, I wanted to add google.com, how many IPs would that need!? The site I added was our corporate (franchiser) email site that only uses 1 IP.