We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • [geot exclude_region="No Trial" ] Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career![/geot]
  • Full Access to our 541 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

 

294 New Members signed up the last 30 days!

 
satisfaction-guaranteed

100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags:


Notable Replies

  1. you can block http site with that, but you cannot block HTTPs sites with these

  2. Hi Sameer,

    I just updated the article to show you why we can't block HTTPS with NBAR.

    Rene

  3. This is awesome! Thanks

  4. system says:

    What is the limit? I tried adding a lot of websites and it only shows me 7 of them when i do a show run.

  5. Hi Vitaly,

    HTTPS won't work since NBAR can't look into the packets. I don't think Youtube publishes a list of all IP addresses that they use, maybe you can lookup their AS number, find the IP addresses and block those:

    https://www.ultratools.com/tools/asnInfo

    If you enter "Youtube" you can see that they use AS36561 and AS43515. You can lookup those IP addresses and block those.

    Perhaps a better method would be to fix this using DNS. Use your DNS server so resolves youtube.com to a custom webpage and configure your firewall so users can't use another DNS server.

    Rene

Continue the discussion forum.networklessons.com

3 more replies

Participants