Allow Vimeo From Specific Website

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Allow Vimeo From Specific Website

Not applicable

Hello,

I have a customer that would like to block vimeo completely but allow it specifically from one website, aaregistry.org.  I have PAN-OS 4.1.6 running right now and have tried to use a custom URL category in my rule to allow vimeo specifically from that one URL, but I am having no luck.  I also even added vimeo.com to the URL category and it doesn't seem to be working, am I doing this right?  (screenshots attached)

My block rule works, it blocks vimeo for my user account completely, but adding my allow rule did not grant me access to vimeo on aaregistry.org, or even vimeo.com after I added that to the custom URL category.

1 accepted solution

Accepted Solutions

Thanks mikand, I was actually able to get this working by allowing the Vimeo application for the websites player.vimeo.com and aaregistry.org and then blocking it for all other sites.  They also asked me to attempt to set up the same sort of thing for Youtube videos but I was unable to get that to work as the URL is always www.youtube.com for those videos, even embedded.

View solution in original post

7 REPLIES 7

L6 Presenter

1) I think you can remove the "http://" stuff from your url categories.

2) What if you allow any traffic for your testuser and then go to this particular site and start a movie (or whatever you use vimeo for).

What will the trafficlog then log?

Im thinking that the actual url might be different from the url you are visiting and of course you wont then get any hit for your allow rule for the vimeo traffic.

2) I found these domains aswell:

player.vimeo.com
a.vimeocdn.com

So I guess if you add *.vimeo.com and *.vimeocdn.com your allowrule would start to work. However this will also open up for any other vimeo from other sites - I dont know if its possible for PA to setup the rule as a parent (only allow *.vimeo.com and *.vimeocdn.com if the referer is *.aaregistry.org, perhaps you can create custom app that does this?).

Thanks mikand, I was actually able to get this working by allowing the Vimeo application for the websites player.vimeo.com and aaregistry.org and then blocking it for all other sites.  They also asked me to attempt to set up the same sort of thing for Youtube videos but I was unable to get that to work as the URL is always www.youtube.com for those videos, even embedded.

I understand you have an answer you like.  As this post comes up when searching for Vimeo and YouTube, and for the sake of completeness in the forums, I'd like to point out that allowing player.vimeo.com allows Vimeo on just about any other website embedding Vimeo.   While this may be fine for what you are doing, it may not be the result others are after.

I am attempting to block Vimeo by use of blocking the URL category streaming media on my own network, while using Vimeo to stream videos from my own website.  I do not have the "application" blocked, just the URL category.

To accomplish this, I created a custom URL category whitelist and added these to the whitelist;

player.vimeo.com/log/

player.vimeo.com/crossdomain.xml

av.vimeo.com/crossdomain.xml

player.vimeo.com/play_redirect

Specific video embeds in this category whitelist;

player.vimeo.com/video/50993603

player.vimeo.com/video/51007252

player.vimeo.com/video/51007253

Specific videos in this category whitelist;

av.vimeo.com/31334/214/121592329.mp4

av.vimeo.com/61936/541/121558466.mp4

av.vimeo.com/61936/541/121558411.mp4

This is working to my desired effect.

This also works for YouTube;

This is my whitelist;

*.youtube.com/crossdomain.xml

*.youtube.com/embed/B4bPp7AjpIc

*.youtube.com/get_video_info

*.youtube.com/player_204

*.youtube.com/ptracking

*.youtube.com/ptracking?ptk= youtube_none&pltype=content&pl id=AATGtFZcMl6pi-dt&video_id=q T1QXR6QMsE

*.youtube.com/user/NewPrimeInc

*.youtube.com/videoplayback

*.youtube.com/watch?v=B4bPp7AjpIc

*.youtube.com/watch?v=SmPhaLrmbc4

www.youtube.com/v/4AFGR7d4yLA

While these examples specify my videos, you would need to figure out your own video GUIDs/identifiers and add them.   The YouTube example has been working for me for years with minor additions over the years.  The Vimeo whitelist is new to me.

Hi.

How can you get the GUID identifiers.

In the log are very long

s.youtube.com/stream_204?fexp=905619,901802,908533,914043,916615,928201,929117,929121,929906,929907,929127,925714,929917,929919,912512,912515,912521,906838,931913,904830,919373,933701,904122,936303,912711,935000&event=streamingstats&el=detailpage&plid=AAThKDTb3k74A8d&fv=WIN 11,7,700,224&ns=yt&error=12.073:116:0.00,15.061:102:0.00&scoville=1&docid=8y8R4syA8V4&cpn=a16a0dSM6HPgGIZf&fmt=160

Thanks EdwinD,

We had some embedded videos that simply would not work until I found your post.  We are only using the URL filter, not application based.  The only difference I had was that I had to add the following two links as well:

a.vimeocdn.com/p/2.1.18/js/player.js

a.vimeocdn.com/p/2.1.18/css/player.css

I used the Monitor to find the mp4 link which is a bit of a pain but at least it worked. 

So far I have been able to get away with just the *.youtube.com/watch?v=8Ur3tVeAqXE style links, except for when using embedded links one time.  I had to add the following link as well, youtu.be/8Ur3tVeAqXE to make it work then.

I am on 5.0.9 at the moment if that helps someone later.

Thanks.


@EdwinD wrote:

I understand you have an answer you like.  As this post comes up when searching for Vimeo and YouTube, and for the sake of completeness in the forums, I'd like to point out that allowing player.vimeo.com allows Vimeo on just about any other website embedding Vimeo.   While this may be fine for what you are doing, it may not be the result others are after.

 

I am attempting to block Vimeo by use of blocking the URL category streaming media on my own network, while using Vimeo to stream videos from my own website.  I do not have the "application" blocked, just the URL category.

 

To accomplish this, I created a custom URL category whitelist and added these to the whitelist;

player.vimeo.com/log/

player.vimeo.com/crossdomain.xml

av.vimeo.com/crossdomain.xml

player.vimeo.com/play_redirect

 

Specific video embeds in this category whitelist;

player.vimeo.com/video/50993603

player.vimeo.com/video/51007252

player.vimeo.com/video/51007253

 

Specific videos in this category whitelist;

av.vimeo.com/31334/214/121592329.mp4

av.vimeo.com/61936/541/121558466.mp4

av.vimeo.com/61936/541/121558411.mp4

 

This is working to my desired effect.

 

This also works for YouTube;

This is my whitelist;

*.youtube.com/crossdomain.xml

*.youtube.com/embed/B4bPp7AjpIc

*.youtube.com/get_video_info

*.youtube.com/player_204

*.youtube.com/ptracking

*.youtube.com/ptracking?ptk= youtube_none&pltype=content&pl id=AATGtFZcMl6pi-dt&video_id=q T1QXR6QMsE

*.youtube.com/user/NewPrimeInc

*.youtube.com/videoplayback

*.youtube.com/watch?v=B4bPp7AjpIc

*.youtube.com/watch?v=SmPhaLrmbc4

www.youtube.com/v/4AFGR7d4yLA

 

While these examples specify my videos, you would need to figure out your own video GUIDs/identifiers and add them.   The YouTube example has been working for me for years with minor additions over the years.  The Vimeo whitelist is new to me.


 

I have blocked category 'streaming media' and just want vimeo in it's entirety whitelisted as an override.

I implemented, the following URL regex override.

- *.vimeo.com
- *.vimeocdn.com

- player.vimeo.com/log/

- player.vimeo.com/crossdomain.xml

- av.vimeo.com/crossdomain.xml

- player.vimeo.com/play_redirect

But I can't get to https://vimeo.com or anything vimeo.. what am I missing ?

  • 1 accepted solution
  • 15574 Views
  • 7 replies
  • 2 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!