vSRX
vSRX

Blocking Youtube, Facebook etc.

[ Edited ]
2 weeks ago

Hi guys,

 

I have a problem with vSRX. i tried so many things for that, i almost search every source(google, youtube, j-net, techlibrary etc.) but cant solve anything Smiley Sad

 

i tried web filtering, enhanced filtering but i cant block any web sites on my vSRX. i found a license which is 30 day trial license from juniper.net

 

how can i do that, please help me Smiley Sad(

6 REPLIES 6
vSRX

Re: Blocking Youtube, Facebook etc.

2 weeks ago

Hello ajann92,

 

You need to use enhance web filtering which support blocking of websites on HTTPS based but along with that you need to have default pki loaded on the box and ensure that the local certificate is exported to web browser. Please find the below kb details.

 

https://kb.juniper.net/InfoCenter/index?page=content&id=KB31122

 

There is another way to block via application-firewall but you need appropriate IDP license.Here is the config snippet.

 

show security application-firewall
rule-sets AppFW {
rule BLOCK_YOUTUBE-STREAMING {
match {
dynamic-application [ junos:YOUTUBE-STREAM junos:UNSPECIFIED-ENCRYPTED ];
dynamic-application-group junos:multimedia:web-based;
}
then {
deny;
}
}
default-rule {
permit;
}
}  

vSRX

Re: Blocking Youtube, Facebook etc.

Thursday

It isnt work

 

i tried this before by the way

vSRX

Re: Blocking Youtube, Facebook etc.

[ Edited ]
Thursday

Hello,

If everything else fails, You can use my post from 2011 for more ideas to try

https://forums.juniper.net/t5/SRX-Services-Gateway/How-can-I-block-HTTPS-website-on-juniper-srx-100/...

HTH

Thx

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
vSRX

Re: Blocking Youtube, Facebook etc.

Friday

first of all, thanks for replies

 

But it isnt still working, i twrote your idp solution for idp to cli, there was no failed, but when i tried to go to youtube, it was all pass Smiley Very Happy

 

at, j-web, conf. cant commit and it said that destination and host prefixes cant be same but it isnt

 

there is anyone can solve this problem Smiley Very Happy

 

by the way, i tried to open a case to service request but it wants to me to 14 character code, but my vsrxs has 12 character code

vSRX

Re: Blocking Youtube, Facebook etc.

Sunday

Hello,

 


@ajann92 wrote:

 

But it isnt still working, i twrote your idp solution for idp to cli, there was no failed, but when i tried to go to youtube, it was all pass Smiley Very Happy

 

 

A dumb question but do You have  license(s) installed?

If not then please follow this KB to get a trial license

https://kb.juniper.net/InfoCenter/index?page=content&id=KB16675&actp=METADATA

 

Trial licenses are available and valid for 4 weeks; you can only fetch a trial license once per year for each device serial number. 
Use the command:
request system license update trial

 

HTH

Thx

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
vSRX

Re: Blocking Youtube, Facebook etc.

yesterday


Capture.JPGthese are my licenses