Content filter not working properly

Options
nielsscheldeman
nielsscheldeman Posts: 46  Freshman Member
First Anniversary 10 Comments Friend Collector

Couple of months ago I set up an ATP200 with Content filter enabled at a client. Now he says that the users are able to surf to playboy.com. I did some tests:

If I enter the website in URL to test it says that it is categorised under pornography, so ok.

Filter is applied to LAN1_Outgoing

If I turn on logging on LAN1_Outgoing and I surf to playboy.com it says in the logs that it's passing this rule. But the website is indeed accessible from a computer, but if I use http://pl… I get proper warning of Access Restricted. So it seems that https does pass? Enable HTTPS Domain Filter for HTTPS Traffic is turned on.

All Replies

  • WJS
    WJS Posts: 155  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
  • nielsscheldeman
    nielsscheldeman Posts: 46  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options

    The content filter still not working fine…

    Added a rule with priority 1 for QUIC Ports

    Some sites are blocked, mostly not. For example, customer wants me to block wps.com

    So in that filter which is applied to LAN1 outgoing, I added in Forbidden websites *.wps.com or wps.com. But still accessible?

  • electsystech
    electsystech Posts: 36  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options

    Setup a DNS filter policy as well, like this. The Zywall DNS policy needs to be separate from the Filtered DNS policy.

  • nielsscheldeman
    nielsscheldeman Posts: 46  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options

    Hello,

    Yes I've set DNS Filter also and works much better now. Would it work even better if I use DNS Server from ZyWALL then since I see u set also a policy for DNS to ZyWALL

  • PeterUK
    PeterUK Posts: 3,003 ✭✭✭✭✭
    Community MVP First Anniversary 10 Comments Friend Collector
    edited May 16
    Options

    The DNS Filter works from LAN to WAN as well as LAN to Zywall you can choose to block DNS LAN to WAN if you want

  • nielsscheldeman
    nielsscheldeman Posts: 46  Freshman Member
    First Anniversary 10 Comments Friend Collector
    edited May 16
    Options

    Now I'm trying to work with a whitelist for 2 computers within the same LAN. I gave them fix IP and added a rule with higher priority then LAN1_Outgoing with only category filter. But the devices are still able to surf to any website? These are my settings below

  • PeterUK
    PeterUK Posts: 3,003 ✭✭✭✭✭
    Community MVP First Anniversary 10 Comments Friend Collector
    edited May 16
    Options

    would you need to set DNS Filter too on that rule?

    You can do top rule block DNS LAN to WAN

    Then a rule below LAN to WAN DNS Filter and Web Filter

    and LAN to Zywall DNS Filter

  • nielsscheldeman
    nielsscheldeman Posts: 46  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options

    Really struggling with it. Previous things didn't work, also because I wanted to use different DNS Servers then the ZyWALL I Guess.

    For the whitelist I have 2 computers that may only access 2 websites

    1 Computer in separate VLAN which i gave DNS address to ZyWALL → works fine now with only DNS Filter on it.

    Another computer which is domain joined and gets DNS Address from Domain Controller. So here I think I can't use DNS Filter. But Web filtering is not working fine. How to solve this?

  • Zyxel_Kevin
    Zyxel_Kevin Posts: 838  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hi @nielsscheldeman ,

    If you still have problem within latest weekly. We can have remote session to clear your problem.

    I sent you the avaialble time by PM.

    Thank you

    Share yours now! https://bit.ly/4aO0BMF

    Kevin

Security Highlight