URL Blocking not working

Tatah
Here to help

URL Blocking not working

Hello guys.I tried to block a malicious domain/url but the changes will not apply to the firewall. Can any one help. To block, i go to Security & SD-WAN>URL and save changes but it still does not work. Any clue?

12 REPLIES 12
Nash
Kind of a big deal

Hello, @Tatah!

 

Just to confirm - you're going to the Security & SD-WAN -> Firewall area (https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/Using_Layer_3_Firewall_Rules) and it is not working to block the URL? 

Tatah
Here to help

I am going to security & SD WAN> Content filtering >url blocking

Nash
Kind of a big deal

Okay, I'm with you now.

 

Assuming that the rule is saving, do you have any group policies setup? These are under Network-wide -> Group Policies. One can use group policy to ignore the network default blocked URL patterns etc:

 

2019-07-09 09_19_22-Group policies configuration - Meraki Dashboard.png

Tatah
Here to help

I don`t think i need to create a rule for blocking one url. I want to add the url to the block list but the url is still accessible after it is added to the block list

SoCalRacer
Kind of a big deal

Is the rule not showing after you hit the save button or the actual rule is not being applied and you are able to access the url?

I simply add the url to the blocklist and hit save but am still able to access the url

Nash
Kind of a big deal

So you enter the URL into the block list, you save. It saves the rule. Then you can still access the rule. You've confirmed that you don't have a group policy overriding the network defaults. Does this sound correct?

 

When you review the event log, do you see a Content Filter hit for that URL? Easiest way to do this is set the client filter to an IP address for a safe testing box, then try to visit the website.

 

Other thought: Make sure your block pattern follows the examples here: https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Content_Filtering#Patter...

Tatah
Here to help

Here is the screenshot. No group policies set.

 

No group policy.PNG

SoCalRacer
Kind of a big deal

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Content_Filtering/Conten...

 

Possibly share a screenshot of the URL rule?

 

I have seen many times where the intent is to block a specific URL, but in fact the service/site uses multiple URLs that need to be blocked.

Nash
Kind of a big deal

If you need to block multiple URLs (or allow them!), Chrome dev tools are your friend. Go to website, open dev tools with ctrl + shift + i and click on the sources tab.

 

2019-07-09 10_24_30-Reply to Message - The Meraki Community.png

PhilipDAth
Kind of a big deal
Kind of a big deal

Note that URL blocking does not start working immediately.  It can take 10 minutes.

 

Can you post a screenshot of your URL blocking config?

Yes can you please post a screenshot of the rule, have you allowed for wildcards?

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels