cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2795
Views
0
Helpful
7
Replies

RVS-4000 Internet Access Policy does not block listed domains

dinnerbichler
Level 1
Level 1

We have an RVS-4000 router that we use as an Internet gateway on our school network.  I am trying to set up an Internet Access Policy to block some specific websites by URL using a domain name.  I set up the policy, and added a PC to the list using the mac address, and the blocking did not work.

I went back to the list and added the IP address of the same PC, the policy still did not work to block the domain.  I rebooted the router, cleared the Internet Temporary files and history on the PC, and the policy still does not work. 

It acts like it is going to block access to the website because it takes a long time, but it will eventually connect. 

Very frustrating because the instructions in the manual are pretty simple, but it just does not work to block the specified website on the specified PC.

Please reply with advice and suggestions to make the Internet Access Policy function work.

Thank you.

Dave Innerbichler

Volunteer Technical Resource / Webmaster

St. Joseph School - Placentia, CA

dave@sjsplacentia.org

http://www.sjsplacentia.org

7 Replies 7

dinnerbichler
Level 1
Level 1

So I had called the SBSC, and the agent told me he could not answer my question because our router is no longer under warranty.  He said that I should post it here, and someone from Cisco would give me an answer.  Anyone from Cisco?

Hi Dave,

Thank you for posting. Does the router have the latest firmware? What sites are you trying to block? Some sites have multiple IP addresses pointing to them and can be a little more difficult to block effectively.

Thanks for your reply.  No, I don't think the router has the latest version of firmware, so that is something that I plan to do.  However, I am more interested in your comment about the sites having more than one IP address.  It seems consistent with what I am seeing.  The site does not connect for maybe 20 or 30 seconds, but finally does.  Maybe it is cycling through all available IP addresses until it finally connects (?).  I'm not sure I completely understand though, my blocking setup in the router is by domain name, not IP address.  Shouldn't any IP address associated with a domain name be blocked?  We are a school, so one of the first things we are trying to block access to are the social networking sites.  One of the ones giving the most trouble is Facebook.  I have set blocking in the router Internet Access Policy for facebook.com.  How does it find a way to connect?  Is there any other way to make sure it is always blocked?  I also set twitter.com to be blocked, and that gives an almost immediate connection error - which is the desired result.  So it seems that you might be right, but I need to know how to block those stubborn ones.  Thanks for your help.

Dave,

To find the IP addresses of a given website (Facebook in this example), open the Command Prompt and type: nslookup facebook.com Press enter and you should see 5 IP addresses. I set up a router in our lab and entered all 5 addresses into it and tried to block them. This failed. I then added facebook.com (as well as the addresses) and I was no longer able to reach facebook. I am not sure if the IPs, URL or combination is what blocked it, but the page eventually timed out.

Dave,

I had a little more time to play with the RVS4000 and I found that I only needed to add facebook.com to the list of blocked domains and the router blocked all access with IE, Firefox and Chrome. The firmware on my lab router is v.1.3.3.5

Please upgrade your router and test this.

Thank you so much for following up on this for us.  Would you mind very much getting some screen shots of those settings and emailing them to me?  I would appreciate it a lot.

dave@sjsplacentia.org

Hi Dave,

I will post my screenshots here:

As you can see, I can reach cisco.com but twitter and facebook have been blocked. As I was setting this up again I forgot to "Edit List of PCs" and I found that after I created the rules I was completely blocked from the internet. After I added 192.168.1.2 through 192.168.1.254 I was able to reach everything except the two blocked URLs. Please reply if you have any questions.