How to block youtube for a particular IP range in Sophos XG

You appear to have two address ranges on port 4. Are you using the unifi ap to assign ip addresses, if so you must have a Nat which the XG will not see the 10 range.

ian

Hi Ian,

Have this on Port 4 



I can change the Unifi Wireless Network to match the above range , if that would help

Do you use the Unifi AP to assign IP Addresses to connections? Managing access and firewall rules is much easier if you allow the XG to assign IP addresses.

Port 4 is a 192.168 address range, the unified clients should also be in that range if you want to suse the XG firewall rules.

What is the aim of using the 10.1 IP address range?

Ian

Hi Ian,

Was wanting to have different networks , like

Port 172.16.16 /24

Port 2 WAN on 192.168.1/24

Port 3 on 10.0.0 / 24

Port 4 on 10.1.1 / 24  

Is there another way to achieve this

Please advise

The unified network needs it own range as you have configured and has nothing to do with port 4.

You have labelled port 4 as LAN it should be WAN then your rules might work.

How do you connect to the internet?

Ian

I believe I'm connected to Internet via Port 2 since WAN cable from ISP is connected to Port 2

Can we name two Ports with WAN label ?

The IP address on port 2 does not seem to be an address an ISP would assign you, more like something you have signed yourself.

Change port 2 to DHCP.

With your setup you would have 3 internal LAN ports and one WAN port.

What is your ISP/RSP?

Ian

Hi Ian , is it because i have Dynamic DNS as below 

Had created them for enabling Sophos Connect ( VPN ) 

My ISP is TPG  ( Fibre to Premise )

So, what has the vpn got to do with your internet connection or do you use it to access YouTube outside of Australia?

No , i dont access YouTube etc outside of Australia 

Was thinking if the Dynamic DNS config was an issue , so posted it

Please advise