Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

List of Websites

How can i make a list of websites on my router at home so i can only go to those websites. Just want to see how to set it up. they have this at work but i don't know how it is setup and would like to duplicate it.

Regards

2 REPLIES
Cisco Employee

List of Websites

Hello,

You probably know that each PC before sending packet to website resolves website's name into ip address. And then packets are sent specifically to that ip address.

Single name may be resolved in different ip addresses from time to time based on load-balancing/server change/etc.

So in order to block/allow particular web sites - you first of all need to know to which ip addresses those resolve. You can do it yousing command line (cmd.exe) bu just pinging website name "ping cico.com" or using nslookup command to resolve name to ip.

Then on your router based on it's specification you configure access-list and apply on interface to WAN or possibly your LAN permitting all packets going to valid web sites and denying all packets going to other ip addresses. You can specify port 80 and 443 explicetly in ACL to make sure that you are blocking only web traffic by this and not skype for example. For all rest protocols you may create implicit permit ebtry in the end.

Hope this helps,

Nik

List of Websites

Hi,

An alternative solution is to use NBAR. The advantage of this method is that you don't need to know the web site's IP address. This example shows you how to block You Tube.

http://blog.ine.com/2008/05/08/using-nbar-for-application-filtering/

The drawback of NBAR however is that it won't block https web sites, for example https://www.youtube.com

330
Views
5
Helpful
2
Replies
CreatePlease to create content