How to block APPs or websites for all users in Ruijie EG?
Applied scenariosIf all user traffic must go through the EG, so we can take some control policy on EG to control the behavior of users, like access some websites or APPs. Here is the typical topology.
data/attachment/forum/202205/25/180622gvnr1b4xpbybpnnm.png
Case of configuration
Explanation of Features
In the following picture, you can see the explanation of the first three options in this page. It’s note that user cant added into the User Blacklist and Audit-Exempt User at the same time.
data/attachment/forum/202205/25/180637dznq87g475ylq78k.png
The below picture shows the explanation of the last two options in this page.
data/attachment/forum/202205/25/180653l6spm06fsp760vg3.png
Configure steps
For APP blocking, add the app group into the blacklist, such as ‘Games’,’Chat’, ’Video_MOBILE’.
data/attachment/forum/202205/25/184612sm0qqegkecz9cmbt.png
For website blocking, add the website group into the blacklist, such as the ‘Hot Website’, ’Bad’ group. Besides, you can also enter a specified url into the blacklist, then this url won’t be accessed for users.
data/attachment/forum/202205/25/184642agv5thhz5rretv1h.png
data/attachment/forum/202205/25/184700h8meikk8jebjebgj.png
data/attachment/forum/202205/25/184719tmyg0znotw0vynqn.png
Verification
After added the 'www.goole.com' into the blacklist of wesite, all downlink users won't be ablet to access it.
data/attachment/forum/202205/25/184730j7lugzhvpxvvyvux.png
Hi Admin, I have tried to block 2 websites but I can still access them data/attachment/forum/202304/17/092438x0202w40bp5sld9z.png
Tam Ja replied at 2023-4-17 09:24
Hi Admin, I have tried to block 2 websites but I can still access them
During the access a website, there may be several jumps in the middle, and finally arrive at the website you fill in. Therefore, when writing the URL, it is best to choose the one already in our feature database.
If you want to add your own, you need to first capture the packet and analyze all the urls contained in the url, and then block all the urls in order to make it work.
For the first IP address, you can configure the ACL: https://community.ruijienetworks.com/forum.php?mod=viewthread&tid=1905&extra=page%3D1
thanks!!
Pages:
[1]