Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[aln688]

I'm trying to setup web-site filtering using firmware 1.21. I've added the web-sites I want to be blocked to the "Website Filter" section. Then I added a policy to the "Access Control" section, specifying a time period of Always, the target machines are "Other Machines", with "Block Some Access" and "Apply Web Filter".

I've setup this filter a few times and yet all the machines on my network can still get to the web-sites I want blocked. I used to have firmware 1.11 and I'm sure this worked before. I only "upgraded" my firmware yesterday and now I can't get web-site filtering to work.

Any assistance is appreciated.

Thank you.

[Alphaman]

I can't get it to work on 1.21 either, although I've got what I think is a slightly different problem (I hope this doesn't detract from the OP's issue).  For example, I've got "myspace.com" in the Website Filters list, with "Deny" selected.  Access Controls are enabled, but when I go to add a policy, the following happens:

• Policy name: Block
• Schedule: Always
• Machine: Other
• Method: Block some & Apply web filter
• Logging: disabled

I press Save, and the DIR-655 crashes (just like it did while I was writing this...)   After the router reboots, I go back to the Access Control page, and there are still no policies listed.

Might there be something in the beta 1.22 that would fix this?  Or am I doing something fundamentally wrong here?

[ttmcmurry]

I'm on the 1.21 beta and created a website filter for www.myspace.com based on the rules that alphaman created, but with one small change:

Instead of Machine: Other, I used MAC address to control the setting.

Worked perfectly.

Having said that I think I know why yours gives you issues.  On 1.21 beta, you cannot choose "other machines" as the only device in the access list.  You have to pick at least one system on your network.  I receive a pop-up window that tells me to pick at least one computer on my network.  If you pick a computer in your network, do it by MAC address instead of IP.  IPs can change or be arbitrarily changed on a given computer -- but you can't (easily) change a MAC address.

[Orion]

Alphaman: I can confirm that your bug still exists on an A3 1.21 using the latest beta

ttmcmurry: Tried MAC only etc, no luck on my end, it is possible my default config contains other settings that cause the different outcome 

I have no requirement for the Access Control features so it does not impact me.

[EddieZ]

Tried reproducing your issue, but no luck (crash) getting your results. 
It does however block the site...

[ttmcmurry]

You could always backup your gateway settings to a file on your desktop, then do a factory reset (hold the reset button the back of your 655 for 10 seconds / two reboot cycles), and then ONLY try to set up a website filter and see if it works.

If you get the crashing effect again, perhaps it's time to re-flash your firmware.  You can also now restore your old settings with the backup file.

If there's no crashing this time, start setting the router up one feature at a time, then test as you go and see where (or if) a particular setting breaks the router.  Of course you can always reload the backup file and see what happens.

[lotacus]

There seems to be two separate issues going on here. it's hard for me to follow exacly what the issue is. It lookes like it was solved by him using mac address not ip address. Which is logical, because ip addresses will change if dhcp is on, which means when ip's change, the policy will affect a computer that it was never intended to affect. So always do mac address, even if you have dhcp turned off and assigning ip addresses statically.

The other issue with the policy and the "others". In order to successfully apply the filter, you not only have to have "others" that it will apply to, you will also have to have a policy set in place for all the other machines. If you dont, then the router won't know which "others" you are talking about. So you will have at least two policies. for example. if you have four computers 3 will have to be in it's own policy to unrestricted access, and then the other policy to have webfiltering. This is most effective.

OR, You can have all four in a policy of always allow (unrestricted) and THEN create a separate policy to deny access (or filter), using the (all others). One thing that I did not try, however, if these policies will apply to people that have manually set their IP address  outside the DHCP scope.

This brings me to one feature that would be handy to some people, especially parents who's children are technically more fluent than they are, would be to have some method in place where the router will deny access to computers outside the DHCP addressing scope, without having to create numerous policies to do so.