Cisco Community
English
Register
Join the Webex special event conversation for a chance to win NEW Webex swag!
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

2062
Views
0
Helpful
10
Replies
DAVID BREECE
Beginner
Beginner
‎08-30-2015 09:15 AM
‎08-30-2015 09:15 AM

Internet blocking feature doesn't work

RV-130W

I've setup a schedule and given certain devices an address in a specified range 10.10.10.201 to 209. I setup an Internet access policy specifically to block this range of addresses according to the schedules I setup.   It is as if I did nothing.  Users can still access the Internet.   I made a previous post and the answer I got referred me to the manual. Don't bother replying with that info. I've read the manuals. Are there other prerequisites that need to be performed? Should the destination be the WAN interface? Something is missing and the answer is not in the manual

Labels:
1 person had this problem
0 Helpful
10 REPLIES 10
ars Wegerich
Beginner
Beginner
‎09-09-2015 12:49 AM
‎09-09-2015 12:49 AM

Same here. VERY interested in a solution.

Firmware is on latest release.

0 Helpful
cchamorr
Contributor
Contributor
‎09-09-2015 01:23 PM
‎09-09-2015 01:23 PM

Hello,

Could you provide screenshots of your configuration as well as the System Summary page or dashboard?

Thank you

0 Helpful
ars Wegerich
Beginner
Beginner
In response to cchamorr
‎09-09-2015 10:24 PM
‎09-09-2015 10:24 PM

Don't wanna hijack this thread but I think my problem is quite the same so I post my screenshots (s. attachments)

 

Preview file
459 KB
Preview file
10 KB
Preview file
164 KB
0 Helpful
cchamorr
Contributor
Contributor
In response to ars Wegerich
‎09-10-2015 11:36 AM
‎09-10-2015 11:36 AM

Thank you for the screenshots.

Before continuing, can you let me know if when you try to go to facebook from that PC with IP address 192.168.2.100, are you connecting via HTTPS or only HTTP.

Could you verify that?

Thank you

0 Helpful
ars Wegerich
Beginner
Beginner
In response to cchamorr
‎09-11-2015 02:31 AM
‎09-11-2015 02:31 AM

Have a bookmark for facebook which is:

https://www.facebook.com/home.php

So, HTTPS is the answer to your question.

 

Just typed in the HTTP URL "http://www.facebook.com" in the browser and it redirects to the HTTPS link which then show the facebook web page.

0 Helpful
cchamorr
Contributor
Contributor
In response to ars Wegerich
‎09-11-2015 11:15 AM
‎09-11-2015 11:15 AM

Thank you for the reply, that confirms what I was thinking.

First of all, your configuration is absolutely correct and if you are trying to block a NON HTTPS website, I'm very positive it will work.

Now, unfortunately, on the current Small Business routers line up, HTTPS websites are considered as secured and are not blocked by the Internet Policy Rules. With this routers, when you are going to secure websites on the internet the policy is not even applied.

The only way to block access to those types of websites directly from the unit is to find out the IP addresses of the actual site (Facebook for example has many addresses) and block them via access rules. The problem with this is to find all the addresses, and even if you do, there could start using a different address very quickly so the rules will become ineffective at that moment.

One workaround is to use a service like OpenDNS which should help you blocking certain sites but I'm not sure if it will do what you are looking for on your scenario.

I hope this answer clarifies things.

Please let us know if you have any questions and don't forget to mark an answer as correct or to grade it if it was helpful to you so that other members will benefit from it.

0 Helpful
ars Wegerich
Beginner
Beginner
In response to cchamorr
‎09-11-2015 01:06 PM
‎09-11-2015 01:06 PM

thanks for your quick answer!

but besides that I think it's useful to support blocking of HTTPS traffic not for security reasons but for blocking specific content I couldn't verify what you wrote.

I made another Internet Access Policy rule which blocks the domain name of n-tv.de (a german news site) and it doesn't work either. (s. screenshot for settings)

This one comes over HTTP not HTTPS.

am confused now

P.S. how do I mark an answer as correct or grade it? Ist that the "five stars" rating I see below the posts?

Preview file
176 KB
0 Helpful
cchamorr
Contributor
Contributor
In response to ars Wegerich
‎09-11-2015 01:19 PM
‎09-11-2015 01:19 PM

Thank you for the quick reply.

You are right and we are working on the possibility of blocking HTTPS websites as well.

Also, after checking your settings I cannot see why it wouldn't work as everything appears correctly configured.

I noticed that your RV130 is a very recent unit and so I'm sure it is covered under support.

At this point I will recommend for you to contact the Small business support center to create a case so that we can take a closer look at your particular scenario as what you are trying to do, blocking non HTTPS sites is fully supported.

Here is the link that contains all of the support number around the world.

http://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

Just make sure you call us during your support hours of Monday Thru Friday from 9 AM to 6 PM your local time.

I hope this helps.

And yes, the way to grade an answer is via the stars

0 Helpful
Zmaila009
Beginner
Beginner
In response to cchamorr
‎11-03-2020 11:37 PM
‎11-03-2020 11:37 PM

Last answer from 2015.... I have same issue on my rv130W. "Internet access policy"  is no blocking anything. In my case I want to block youtube and stuff like FB for kids who suppose to be on homeschooling. Of course it is HTTPS sites to block. I red all forums and this as well and I did update firmware on my router in a case there is update for this feature, but it isnt working. Configuration is very simple. Block this and that keyword during this and that hour - days  on this and that Mac address or IP (possibly IP range). It doesnt work and so far no logs showing access violation (as it probably dont recognize HTTPS as violation). I bought this last year as my previous Cisco small bussines router broke after 7years of good service. Big fan of cisco and my entire home network is build with cisco components. So this is quite disapointing - not be able to block few websites by firewall. Is there anything happening or.....?

0 Helpful
Martin Aleksandrov
Cisco Employee
Cisco Employee
‎11-04-2020 02:28 AM
‎11-04-2020 02:28 AM

Hello David,

 

Please read below posts. The RV130W is not looking for secure https traffic, therefore can't filter HTTPS web sites but only non-secure HTTP. You should have RV130W-WB-A-K9-xx platform to use different web filtering categories to block certain web sites based on web reputation rank. In those cases, you can block both https and/or http web sites.

 

Please note RV13x series have been announced EoS/EoL since December 2019 and the replacement product is RV160/260 series routers.

 

Regards,

Martin

 

 

0 Helpful
Latest Contents
#CiscoChat Live: Giving Back & Bouncing Back: The Effect of ...
Created by Kelli Glass on 04-28-2021 07:44 AM
0
0
0
0
Join us live on Thursday, April 29 at 10 am PT as we discuss how the pandemic affected non profits and find out what their secret weapon was to weathering the past year. Our guests will share how giving back during this challenging time actually enabled t... view more
#CiscoChat Live: Giving Back & Bouncing Back: The Effect of ...
Created by Kelli Glass on 04-28-2021 07:42 AM
0
0
0
0
Join us live on Thursday, April 29 at 10 am PT as we discuss how the pandemic affected non profits and find out what their secret weapon was to weathering the past year. Our guests will share how giving back during this challenging time actually enabled ... view more
Cybersecurity strategies for Small Business
Created by Kelli Glass on 04-14-2021 11:46 AM
0
0
0
0
Discover the cybersecurity strategies that small and midsize business (SMB) leaders are using to thrive in today's ever-evolving threat landscape. The Cisco Cybersecurity Report Series is a collection of thought leadership studies. This spin-off from our... view more
#CiscoChat Live - Thriving with Cybersecurity: The 2021 Secu...
Created by Kelli Glass on 04-06-2021 03:44 PM
0
0
0
0
Would you believe that small and midsize businesses (SMBs) can teach enterprises a thing or two about effective security? Learn in which areas SMBs excel as we share the highlights of our Security Outcomes Study for SMBs. Join us on Thursday, April 15 at ... view more
#CiscoChat Live - Thriving with Cybersecurity: The 2021 Secu...
Created by Kelli Glass on 04-06-2021 03:42 PM
5
0
5
0
Would you believe that small and midsize businesses (SMBs) can teach enterprises a thing or two about effective security? Learn in which areas SMBs excel as we share the highlights of our Security Outcomes Study for SMBs. Join us on Thursday, April 15 at... view more