- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
02-16-2024 12:37 PM
Hi All,
I have a rule to block TikTok at a school and it works as expected. I have another rule to block TikTok at another school and it does not work at all. The rules are identical except that the first rule blocks some other apps as well.
I've attached screenshots. Rule1 and Log1 are for the site that works, Rule 2 and Log 2 are for the site that doesn't work.
Pulling my hair out on this one! Does anyone have any suggestions?
Thanks for your time.
Marlon
02-16-2024 05:23 PM
Hi @mmeiklejohn ,
Since TikTok is hitting LAN-INT-Allow-Sanctioned Apps, 1st verify your block rule comes before it.
Second, compare each column in the traffic log with rule (e.g., does the source IP match one of the source groups configured?). If the order of rules is correct, there WILL be some detail in the traffic logs that does not match the rule. Otherwise, it would match.
Thanks,
Tom
02-20-2024 11:27 AM
Thanks for the input Tom. I confirmed the blocking rules before the LAN-INT-Allow-Sanctioned-Apps, and the IPs of the machines in question were part of the assigned source groups.
However, I discovered that I had a URL Category defined under the Service/URL Category tab on the blocking rule that was failing. The URL Category defined specific URLs that were to be blocked, so I was attempting to block apps and URLs in the same rule. For the blocking rule that WAS working, I did not have any URL Categories defined. In that case I had a totally separate rule to block specified URLs. I don't fully understand why that would cause the rule to fail, but I don't really care at this point. All is working as expected now!
04-03-2024 10:25 AM
@mmeiklejohn are your rules still working? I just had to add some cdn urls for tiktok. Traffic in andriod and apple apps was being allowed.
04-03-2024 11:07 AM
Hi. I'm told that once in a while a student will get through on an iPad, but I've never been able to confirm that.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!