Access Restrictions not working on build 24710M

7 posts / 0 new
Last post
Law
Law's picture
Access Restrictions not working on build 24710M

Hi all,

Need some help again. I'm using Kong's build 24710M, trying to set up a rule to block certain website from a specific device.

I entered the URL in the Website Blocking by URL Address section, such as youtube.com, m.youtube.com, https://www.youtube.com and entered the target device's mac address (also tried IP), but the device can still visit the urls.

I'd also tried blocking by keyword, such as video and youtube, but the device can also access the url.

Thanks.

Kong
Kong's picture
If you enabled adblocking

If you enabled adblocking proxy then access restrictions won't work for those clients, that use the proxy.

Law
Law's picture
Thanks Kong for the quick

Thanks Kong for the quick reply. I did not enable ad blocking nor proxy. I only enabled USB, NAS, DMZ, port forwarding and mapped each device's MAC with an IP.

slidermike
slidermike's picture
kong once told me when he

kong once told me when he helped me with setting up site blocking for my LG tv's in the router that the device you are trying to block must not have already attempted to access the site in question or else it will show as established in the tables & continue to allow the client access to the newly forbidden site.
Reboot the router & test again.
That will clear out the tables in the router.

Law
Law's picture
Thank you for your help.

Thank you for your help.
Rebooting the router works. So my observation is that everytime when I create a new rule or modify/disable and existing rule, I would have to reboot the router for it to take effect.

slidermike
slidermike's picture
Not necessarily but it is

Not necessarily but it is safest.
The trick is NOT to have the client reach out to the destination before you build the rule.
The router goes down a list of rules and acts on the first hit.
So if the client was already talking to www.x.com and you then created a block for www.x.com it would not block that client because existing connections override the block rules.
So it is just easier to create the rule & then reboot the router.
That takes care if it either way.

Law
Law's picture
Thank you for clarifying.

Thank you for clarifying.