Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Web Content Filter - "blocked website" message.

jorge_diaz
Comes here often
‎Aug 25 2020 6:16 AM
‎Aug 25 2020 6:16 AM

Web Content Filter - "blocked website" message.

Hi there, 

 

We deployed an MX64 to the network, we set up the web content filter feature and it's working as intended. The problem is that there seems to be no way for end-users to get a customized message stating the reason why they can't get to the site, users simply get a connection failure message. I contacted Meraki Support and they told me "Unfortunately, we do not have the feature to customize the message when a website is blocked. Kindly submit the feature request", I find it hard to believe but evidently is true. Is there a workaround to get some type of customized message? I'm sure this is something almost any business would like to implement.

 

Thanks in advance... 

0 Kudos
Subscribe
2 Replies 2
NGleich
Here to help
‎Aug 26 2020 12:33 AM
‎Aug 26 2020 12:33 AM

Hi jorge-diaz,

 

I have the same "issue" at home with my MX64.

When i visit a blocked category the website request just times out.

 

As far as i know the reason behind this is that Meraki MX devices can't perform SSL decryption for HTTPS websites.

Umberlla does display a block page even for HTTPS connections because Umbrella can do SSL decryption.

 

"Without the root certificate, when your users go to that service, they will receive errors in the browser and the site will not be accessible. The browser, correctly, will believe the traffic is being intercepted (and proxied!) by a 'man in the middle', which is our service in this case. The traffic won't be decrypted and inspected; instead, the entire website won't be available."

 

This is a extract from an Umbrella article explaining the SSL decryption feature.

When you have no root certificate installed in Umbrella it behaves just like the MX devices now and the connection times out rather than you getting an block message.

 

So if my assumption regarding this topic is correct i dont really think that there is a chance for a workaround.

 

Hope that helps 🙂

 

Kind Regards

Niklas

0 Kudos
Subscribe
In response to NGleich
jorge_diaz
Comes here often
‎Nov 30 2020 7:29 AM
‎Nov 30 2020 7:29 AM

Hi NGleich,

 

Thank you for your input. Sorry for the delayed acknowledgment; I didn't see the comment notification. 

 

It helps to understand the reason; I can't believe they haven't - or don't have any plans - of coming up with a solution or workaround; the traffic is hitting the FW; there's got to be a way to flag the connection as dropped and redirect it to another module to display an error message. Anyhow, not a big deal in the location where we deployed it, but I'll evaluate other solutions for future projects.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.