GFI Software Aurea SMB Solutions


Home » GFI User Forums » Kerio Control » Permited content still being blocked (Assistance with content filters)
Permited content still being blocked [message #144919] Tue, 29 January 2019 11:53 Go to next message
Shaunie is currently offline  Shaunie
Messages: 17
Registered: June 2016
Location: Everywhere
Dear Kerio users,

I have a content filter that lets a specific device (from a group) access certain web pages and then everyhting else is blockled
As can be seen from the below image.

/index.php?t=getfile&id=4923&private=0

So my understanding for this is that the below url should be allowed?
frcch1-vip-bx-001.aaplimg.com

Yet in the logs I see:
DROP [Rule] 'Block everything else on iPad' [Connection] ipad.domainname.com (10.72.33.201):49479 -> frcch1-vip-bx-001.aaplimg.com (17.253.109.201):443, HTTPS [Content]

There is another rule below this that allows th captice portal to work and a few other required sites.

Then below this rule in content filter is another rule to block everything on the same vlan.

My goal is to allow iPads enough access to internet to get a developer app pushed to them and for them to enrol in Profile manager. Yet still have them blocked from reciving update notifications.


Re: Permited content still being blocked [message #144923 is a reply to message #144919] Wed, 30 January 2019 06:46 Go to previous messageGo to next message
PPG is currently offline  PPG
Messages: 117
Registered: February 2010
Just out of curiosity:

In the rule i see: applimg.com
In the log i see: aaplimg.com

The second letter is different...
Re: Permited content still being blocked [message #144924 is a reply to message #144923] Wed, 30 January 2019 14:12 Go to previous message
Shaunie is currently offline  Shaunie
Messages: 17
Registered: June 2016
Location: Everywhere
I also spotted that and corrected it, also changed it to across all protocols. However I am still getting inconsistent results:

[30/Jan/2019 13:59:15] DROP [Rule] 'Block everything else on iPad' [Connection] 10.72.33.121:58399 -> frcch1-vip-bx-003.aaplimg.com (17.253.109.203):443, HTTPS [Content]
[30/Jan/2019 14:03:27] ALLOW [Rule] 'iPad Network Allowed' [Connection] 10.72.33.121:54775 -> frcch1-ntp-002.aaplimg.com (17.253.108.253):123, NTP [Content] aaplimg.com

/index.php?t=getfile&id=4924&private=0

The sub-domain is slightly different and the protocol HTTPS and NTP but surely it should match accross all? or do I need to change it back to *.aaplimg.com and just as HTTP and HTTPS?
Previous Topic: Authentication doesn't work in my Kerio control 8.6.2 build 3847
Next Topic: unrecognized users statistics
Goto Forum:
  


Current Time: Wed Nov 20 05:42:25 CET 2019

Total time taken to generate the page: 0.04485 seconds