Hi... I've just started using UTM (v 9.401-11) and love it so far - however I've run into one issue which I'm trying to understand. I have a media streaming device (an Amazon Fire TV) which I want to block from accessing certain domains, to prevent it from auto-updating. What I want to do is only to block http and https access to these domains, and leave all other traffic from the device untouched. I was hoping to use the web filter for this, and it is successful in blocking access to the domains - but as soon as I enable the filter, media streaming to the device fails - Netflix is what I'm testing with specifically. What actually happens is with the filter enabled, the Netflix app launches but then almost immediately crashes back to the homepage. I've configured a filter profile for the device as follows: Just the device set as allowed network transparent mode HTTPS: URL filtering only (Makes no difference if I select "Do not proxy HTTPS traffic in transparent mode") The default content filter is set to allow everything, no antivirus scanning. Under 'filtering options / Misc' I have "Bypass content scanning for streaming content" selected. I've also tried adding the exceptions described here: https://community.sophos.com/products/xg-firewall/f/129/t/74689 In the web filtering live log, every entry appears to be a pass - I can't see anything being blocked or denied when trying to access Netflix. Am I doing anything obviously wrong, or - preferably - is there a simpler way to achieve what I want to do, i.e. to simply block access to a few domains and leave everything else untouched? Hopefully this make sense :)

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block access from a device to some domains, leaving everything else untouched?

Hi...

I've just started using UTM (v 9.401-11) and love it so far - however I've run into one issue which I'm trying to understand.

I have a media streaming device (an Amazon Fire TV) which I want to block from accessing certain domains, to prevent it from auto-updating. What I want to do is only to block http and https access to these domains, and leave all other traffic from the device untouched. I was hoping to use the web filter for this, and it is successful in blocking access to the domains - but as soon as I enable the filter, media streaming to the device fails - Netflix is what I'm testing with specifically. What actually happens is with the filter enabled, the Netflix app launches but then almost immediately crashes back to the homepage.

I've configured a filter profile for the device as follows:

Just the device set as allowed network
transparent mode
HTTPS: URL filtering only (Makes no difference if I select "Do not proxy HTTPS traffic in transparent mode")

The default content filter is set to allow everything, no antivirus scanning. Under 'filtering options / Misc' I have "Bypass content scanning for streaming content" selected.

I've also tried adding the exceptions described here: https://community.sophos.com/products/xg-firewall/f/129/t/74689

In the web filtering live log, every entry appears to be a pass - I can't see anything being blocked or denied when trying to access Netflix.

Am I doing anything obviously wrong, or - preferably - is there a simpler way to achieve what I want to do, i.e. to simply block access to a few domains and leave everything else untouched?

Hopefully this make sense :)

This thread was automatically locked due to age.

Parents

0 BLS over 8 years ago

Use the web-filter to block the following domains.

amzdigital-a.akamaihd.net
amzdigitaldownloads.edgesuite.net
softwareupdates.amazon.com
updates.amazon.com

If you're using the list in the link you've posted, and set them all to block then Netflix will be blocked, as the list contains Netflix URLs

Tim Grantham

Enterprise Architect & Business owner
Cancel
Vote Up 0 Vote Down

Cancel
0 JoeB1 over 8 years ago in reply to BLS

Unknown said:

Use the web-filter to block the following domains.

amzdigital-a.akamaihd.net
amzdigitaldownloads.edgesuite.net
softwareupdates.amazon.com
updates.amazon.com

If you're using the list in the link you've posted, and set them all to block then Netflix will be blocked, as the list contains Netflix URLs

Yes, those are the domains I'm trying to block access to. I'm not blocking the domains from the link, through - the opposite in fact: I added that list of domains as an exception under Filtering Options / Exceptions. However even with the exception in place, the Netflix app crashes almost immediately.

Is it possible to use the firewall to block access rather than the web filter? I've tried creating a drop rule adding those four domains as DNS Hosts and also as DNS Groups, but the rule doesn't seem to block access to them...

(Apologies if these are very simple questions but as I said I'm very new to UTM :) )
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 JoeB1 over 8 years ago in reply to BLS

Unknown said:

Use the web-filter to block the following domains.

amzdigital-a.akamaihd.net
amzdigitaldownloads.edgesuite.net
softwareupdates.amazon.com
updates.amazon.com

If you're using the list in the link you've posted, and set them all to block then Netflix will be blocked, as the list contains Netflix URLs

Yes, those are the domains I'm trying to block access to. I'm not blocking the domains from the link, through - the opposite in fact: I added that list of domains as an exception under Filtering Options / Exceptions. However even with the exception in place, the Netflix app crashes almost immediately.

Is it possible to use the firewall to block access rather than the web filter? I've tried creating a drop rule adding those four domains as DNS Hosts and also as DNS Groups, but the rule doesn't seem to block access to them...

(Apologies if these are very simple questions but as I said I'm very new to UTM :) )
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 BAlfson over 8 years ago in reply to JoeB1

Hi, Joe, and welcome to the UTM Community!

Please insert a picture of the configuration you think should block these accesses and a line where the access was passed from the web filtering log.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel