cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
397
Views
5
Helpful
2
Replies
Highlighted
Beginner

List of Websites

How can i make a list of websites on my router at home so i can only go to those websites. Just want to see how to set it up. they have this at work but i don't know how it is setup and would like to duplicate it.

Regards

2 REPLIES 2
Highlighted
Cisco Employee

Hello,

You probably know that each PC before sending packet to website resolves website's name into ip address. And then packets are sent specifically to that ip address.

Single name may be resolved in different ip addresses from time to time based on load-balancing/server change/etc.

So in order to block/allow particular web sites - you first of all need to know to which ip addresses those resolve. You can do it yousing command line (cmd.exe) bu just pinging website name "ping cico.com" or using nslookup command to resolve name to ip.

Then on your router based on it's specification you configure access-list and apply on interface to WAN or possibly your LAN permitting all packets going to valid web sites and denying all packets going to other ip addresses. You can specify port 80 and 443 explicetly in ACL to make sure that you are blocking only web traffic by this and not skype for example. For all rest protocols you may create implicit permit ebtry in the end.

Hope this helps,

Nik

HTH,
Niko
Highlighted

Hi,

An alternative solution is to use NBAR. The advantage of this method is that you don't need to know the web site's IP address. This example shows you how to block You Tube.

http://blog.ine.com/2008/05/08/using-nbar-for-application-filtering/

The drawback of NBAR however is that it won't block https web sites, for example https://www.youtube.com