Announcement

Collapse
No announcement yet.

Forefront TMG Blocking and Allowing

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Forefront TMG Blocking and Allowing

    I am using Forefront TMG as a proxy server to block certain websites.

    Now there is a request that, a certain page on a blocked website is allowed. This is on the website Facebook.com

    It is blocked entirly via domain sets. However is there a way to unblock a certain page like facebook.com/(pagename) to allow that webpage but keep the rest of the website blocked for the users.

    This could come in very handy.

    I hope i can be helped.

    I already use a rule on Allow and use URL Set to allow a specific website.

    I already enterd facebook.com/pagename to try and have that specific page unblocked.

    Thanks in advance for your help.

  • #2
    Re: Forefront TMG Blocking and Allowing

    Never used this product but it may have an option for using a regular expression to exactly match the string you want to block but allow everything else to that particular domain? Or an option to say "match this and block it" but NOT match this? Not sure how granular you can get with TMG.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: Forefront TMG Blocking and Allowing

      While back i added the Blogs/Wiki Category. and the next day i had to specificly unblock wikipedia becuase that site was blocked. i was able to use a domain set to unblock wikipedia.

      So in a sense if i have a website blocked with a Category or in a domainset. i can add a site that is in 1 of the 2 in another domain set but allow it. It will not block that website anymore.

      So if facebook.com is blocked in a domain set, and add it to the domain set to allow it. The allow will override the blocking domain set to allow facebook, even tough its in a deny rule/domain set.

      But now the question is, how to keep facebook.com blocked but allow facebook.com/fanpage for example.

      How do i configure this in Forefront TMG

      Comment


      • #4
        Re: Forefront TMG Blocking and Allowing

        I think if you created a rule allowing HTTP/HTTPS outbound with the destination being a URL Set containing the required Facebook URLs and place it above the Deny rule for blocked web categories it should work. Make sure you have explicit URLs and no wildcards.
        BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
        sigpic
        Cruachan's Blog

        Comment


        • #5
          Re: Forefront TMG Blocking and Allowing

          I am going to try this today, and see if it works.

          Thanks for the information. I will let you guys know what happens.

          Comment


          • #6
            Re: Forefront TMG Blocking and Allowing

            Originally posted by Techguy2201 View Post
            I am going to try this today, and see if it works.

            Thanks for the information. I will let you guys know what happens.
            Wel i did it. And it works perfectly. Somehow there is a feature build into this. That if when you add facebook.com/page plus adding *.facebook.com/page

            you make you that you can visit the page via www facebook and facebook.com.

            Now comes the nice feature. when facebook is blocked in general bhut the page is not. It makes sure you can only STAY on the page so clicking on the facebook logo wont get you anywere.

            You do however can login to facebook, and view the full page incase hte page cant be fully viewed when logged out. Even then you can goto any other page or funtion. ONLY the page you deblocked can be used.

            NOTE: make sure you add facebook.com/logout.php so users get logged out safely

            Comment


            • #7
              Re: Forefront TMG Blocking and Allowing

              Thanks for letting us know.
              BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
              sigpic
              Cruachan's Blog

              Comment

              Working...
              X