12-05-2016 02:09 PM - edited 12-05-2016 02:10 PM
Is there a way to return a block page to users when their connection is blocked not by the URL-filter but by a security policy?
We have a security policy that blocks all outbound traffic to a list of foreign countries. The problem is when users attempt to browse websites in these countries the traffic is blocked but the user doesn't receive any information about why it was blocked- the connection just times out.
IS there a way to send an HTML block page to users when the traffic is blocked?
Thanks
12-05-2016 03:58 PM
If user tries to browse to website that is running on IP that is not permitted then this attempt is blocked before connection get's to HTTP.
Initial SYN packet gets tcp-rst back and connection is taken down.
What you can try is to:
Create top rule that permits traffic to your country IP addresses, application web-browsing, action allow.
Create second rule below it where destination is any, application is web-browsing and action is block.
And edit application response page.
If I were you I would add some Javascript to it so if application equals to web-browsing then show text "You are browsing to website hosted outside our country".
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
