Meraki

Community

iOS APP Store - blocking app store access

Solved
Ravindhar
Conversationalist
‎Dec 23 2019 1:07 AM
‎Dec 23 2019 1:07 AM

iOS APP Store - blocking app store access

Hi,

 

When using restrictive Layer 7 firewall rules for denied iTunes Music&Video traffic on the MX Security Appliance, services such as Apple App-store inadvertently blocked.

So that we are unable to Install App updates and OS Updates.

We want block iTunes for entertainment Purpose.

is there any solution to block iTunes entertainment purpose instead of OS and App Updates?.  

 

 

Regards,

Ravindhar.

 

 

1 Accepted Solution
BrechtSchamp
Kind of a big deal
‎Dec 23 2019 1:26 AM
‎Dec 23 2019 1:26 AM

Maybe you can get it to work by going through the urls in this page and whitelisting the ones that related to app updates:

https://support.apple.com/en-us/HT210060

 

Another thing you could do is just rate limiting instead of outright blocking.

View solution in original post

3 Replies 3
BrechtSchamp
Kind of a big deal
‎Dec 23 2019 1:26 AM
‎Dec 23 2019 1:26 AM

Maybe you can get it to work by going through the urls in this page and whitelisting the ones that related to app updates:

https://support.apple.com/en-us/HT210060

 

Another thing you could do is just rate limiting instead of outright blocking.

SmithPoll
Conversationalist
Monday
Monday

Hey Ravindhar, this is a common challenge with Layer 7 rules since Apple services often share domains. Blocking iTunes for entertainment purposes can unintentionally affect essential services like app or OS updates. One workaround is to use content filtering or URL-based rules to target specific iTunes-related domains, rather than broad Apple services. It’s tricky, but more precise filtering might help balance security with functionality.

0 Kudos
patcummins
New here
Friday
Friday

This is a common issue when using Layer 7 rules, as Apple often routes multiple services through similar domains. Instead of broad iTunes category blocks, try using FQDN-based Layer 3 rules or custom content filtering with specific domains related only to Apple Music or iTunes media. This way, OS and App Store updates can continue while restricting entertainment content. Apple’s domain list for services might help fine-tune your rules.
https://castleappp.info/

0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.