Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Group Policies - block all websites except a few allowed websites

ZachCCNA
Conversationalist
‎May 11 2023 1:15 PM
‎May 11 2023 1:15 PM

Group Policies - block all websites except a few allowed websites

MX64 - client has a specific request that for a few computers at their location, they want the users to only have access to a small list of websites that is related to their work.  I'm thinking using AD Security Group and Group Policies would do the trick but I've never set one up like this.

 

Currently I have an AD Security Group set up that the computers will  be put in to, and I have a Group Policies set up with a list of websites in the "Allow list" and set to "override".

 

Looking through the options I'm not seeing how to block all websites as the default, before it would go to the "Allow list URL patterns" override list.

 

Any assistance would be appreciated.  This just came across my desk today so I have not had any time to test this yet.  I will be going to this client sometime next week to finalize the set up and perform tests.

Labels:
0 Kudos
Subscribe
5 Replies 5
alemabrahao
Kind of a big deal
Kind of a big deal
‎May 11 2023 1:17 PM
‎May 11 2023 1:17 PM

In block url list use an *

 

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to alemabrahao
ZachCCNA
Conversationalist
‎May 11 2023 1:19 PM
‎May 11 2023 1:19 PM

I am aware of using *... that's not my question here.  I'm trying to make sure that the group policy will be set to block all websites and then refer to the "allow list" to override the default "block/deny all" rule.

0 Kudos
Subscribe
alemabrahao
Kind of a big deal
Kind of a big deal
‎May 11 2023 1:21 PM
‎May 11 2023 1:21 PM

You need to block an * and allow all URL's what you want on the allowed list.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to alemabrahao
ZachCCNA
Conversationalist
‎May 11 2023 1:30 PM
‎May 11 2023 1:30 PM

Ah ok, and I'm thinking to "append" with the block list and then "override" with the allowed list.  That sounds logical to me as long as it goes in that order, checking the block list first then the allowed list.

 

I'll be giving this a try in the next few days.  I'll update this thread when done.  Thanks

0 Kudos
Subscribe
In response to alemabrahao
ZachCCNA
Conversationalist
‎May 15 2023 12:29 PM
‎May 15 2023 12:29 PM

That has not helped.  I'm not sure if I'm doing something wrong.

 

I've added the computer that I'm testing in, was still able to access websites that should be blocked.  I went as far as trying to had my username (AD account) into the security group, no changes.

 

Any other suggestion?

 

Thanks///

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.