Meraki

bluemoon61 · ‎Jan 13 2019

We are trying to create a filter to block access to some Social Media URLS from a specific device. Our kids spend way too much time on apps and whilst we can control access from iPhones and xBox we also have an open Chromebox that they can web surf on and it becomes the fallback point when Instagram and Fortnite are no longer reachable on iPhones and xBoxes ! It is time filtered so that they cannot access it outside certain hours but I would like to be able to stop them using it to watch Fortnite on TWITCH TV and access Instagram.com for example

I would like to be able to filter these URLS without blocking the access to the actual Social Media app itself and ideally without blocking access to that URL from other devices on the network ?

Is it possible to do any or all of the following ?

1. Block access to a URL without blocking the app itself (for example Instagram)
2. Block access to a URL from a specific device so that the site can still be accessed from other devices in the network ?

I set filters with URLBlocking in Content Filtering but they are not working: - I can still access the supposedly blocked web site from my iMac. I tried the Meraki suggestions of clearing History / Cache in the browser and also made sure the iMac was not Whitelisted so those are not the issues ?

Can this be done ?

BrechtSchamp · ‎Jan 13 2019

Sure, but knowing kids they will find their way around it. You're starting a cat 'n mouse game.

But this should do the trick. Create a group policy (Network Wide/Group Policies) with some L7 firewall rules and apply it to the chromebox (through the clients page). After creating and applying it, disconnect and reconnect the chromebox (or your iMac when testing) to the network.

Because the policy is only applied to the chromebox, their own iPhones and XBOX's should still have access whenever your existing control system allows them to.

I added ttvnw.net just in case. That seems to be the domain name from which the streams themselves originate.

More background info here:

https://documentation.meraki.com/MR/Group_Policies_and_Blacklisting/Creating_and_Applying_Group_Poli...

bluemoon61 · ‎Jan 13 2019

Thanks for the great suggestions ! We do actually use a Group Policy to block access to the Chromebox already purely on a time basis and I had not spotted the L7 FW rules but your idea is perfect....for now !!!

I know we are in a game of "whack a mole" with them but I can only try....it is absolutely impossible to watch their every move but as much care and attention we can apply "automatically" is worth a try. She has already figured out that she can get around a "spyware app" we openly run own her phone by switching off the wireless and mobile data on her phone (which stops the cloud based timers from running) and manages to "achieve" over 4 hours of "Screentime" on her phone each day when she is supposed to be policed to only 1.5.....so yes we know we have to "keep smart" if we can and I am trying to do that. What is about to happen is the broken cloud based policer is going to be replaced by Apple Screentime (which has only just started working for us).

This means other "specials" are needed (like replacing Safari with Chrome because Apple does not block Safari at all ever but I figured out how to do that as well). The thng is as soon as the door closes on her "untracked" iPhone time I can see the Chromebox usage rising and it is obvious what will be the main sites she will hit....he already sits on TWITCH once his XBOX Fortnite time runs out if the Chromebox is open and we do not see what he is doing

I think from reading your suggestions the reasons my attempt at a URL filter failed before may have been that I did not STOP / START my iMac after I created the rule but I will try your idea once nI am home next weekend

Thanks again !

Meraki

Community

URL filtering - newbie question

URL filtering - newbie question