Scribd Logo
Upload

Welcome to Scribd!

  • Block Websites Through Juniper

    Uploaded by

    cahmadh
    3 views1 page
    Block website.

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Block website.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    3 views1 page

    Block Websites Through Juniper

    Uploaded by

    cahmadh
    Block website.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    I just had Juniper support back on. They have resolved the problem.

    Apparently t
    here are ways that users can get round it, but they're beyond most people's IT s
    kills.
    I hope this information helps...
    a) Create an Address Group called Blockedsites (or whatever).
    b) Create a Policy like this:
    Then for each website you want to block just do the following. No need to repeat
    the above steps.
    1.
    2.
    3.
    4.
    5.
    6.

    BLOCK THE PURE DOMAIN NAME


    Go to Policy > Policy Elements > Addresses > List
    The drop-down should be Untrust, then click New.
    Address Name
    name the address the same as the domain name (e.g aaa.com)
    Click Domain Name and enter the full domain (e.g www.aaa.com)
    OK this.

    7. BLOCK ANY SUB-DOMAIN


    8. Back in Policy > Policy Elements > Addresses > List , the drop-down should
    be Untrust, then click New.
    9. Address Name name the address the same as the domain name but with an aster
    isk (e.g aaa.com *)
    10. Click Domain Name and enter the domain with an asterisk before it(e.g *.aa
    a.com)
    11. OK this.
    12. BLOCK ANY SUB-FOLDERS
    13. Back in Policy > Policy Elements > Addresses > List , the drop-down should
    be Untrust, then click New.
    14. Address Name name the address the same as the domain name but with two ast
    erisks (e.g aaa.com **)
    15. Click Domain Name and enter the full domain with a forward slash and an as
    terisk after it(e.g www.aaa.com/*)
    16. OK this.
    17. BLOCK THE IP ADDRESSES
    18. Open a Command Prompt and enter (for example) ping aaa.com
    19. Back in Policy > Policy Elements > Addresses > List , the drop-down should
    be Untrust, then click New.
    20. Address Name name the address the same as the domain name then add IP to dif
    ferentiate it from the other address(e.g aaa.com IP)
    21. Click IP Address/Netmask (wildcard mask) and enter the IP address from the
    ping, with a 32 after the slash.
    22. OK this.
    23. Repeat for each IP you receive.
    24. Go to Policy > Policy Elements > Addresses > Groups and Edit the Blockedsi
    tes Group.
    25. On the right, multiple-click the new Addresses and click the << button to
    add them to the Group to be blocked (on the left).
    26. Click OK.

    You might also like