Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

How to block youtube for a particular IP range in Sophos XG

Hi everyone,

Firstly let me explain the setup i have for my home network

Have WAN plugged into a mini PC which runs Sophos XG. On Interface 4 of Mini PC i have plugged in ubiquiti AP from which other devices get wifi connection ( mobile phone , laptop etc )

The IP range i have assigned for Port 4 is

What I'm trying to achieve is to test and block youtube for wifi users , also  would like to limit internet speed / usage after 7pm on weekdays

Please advise if its possible with the setup i have

Please include screen shots of rules if possible 

Unable to upload any from my end cos im at work 

Keep up the good work on the discussions , very helpful 


Raju George


Added TAGs
[edited by: Raphael Alganes at 2:36 PM (GMT -7) on 14 May 2024]
Parents Reply
  • You need to change the services to http/s, enable application control and IPS to LAN to WAN. Enable check http etc while using the web proxy.

    The firewall rule needs to be at the top of the firewall list.

    Ensure the devices you wish to block have no access to other networks eg LAN or SIM cards so they stay within the blocking IP address range.

    After a couple of hours check logviewer using the IP address range to the network identity to ensure the traffic is only hitting the block firewall rule. You might need to restart your XG to break the existing connections and enforce the new firewall rules.


    I also recommend blocking proxy and tunnels.

    XG115W - v20.0.1 MR-1 - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.