E-mail Print Subscribe ? Related Bookmark Search View all items in: UTM/Firewall/VPN > Configuration Rating: 6.00 out of 10 (1 Rating) Question/Topic UTM - How to Block HTTPS access to Gmail using SSL Control Answer/Article Article Applies To: Affected SonicWALL Security Appliance Platforms: Gen5: NSA E7500, NSA E6500, NSA E5500, NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 240 Gen5 TZ Series: TZ 100, TZ 100 Wireless, TZ 200, TZ 200 W, TZ 210, TZ 210 Wireless, Gen4: PRO series: PRO 5060, PRO 4100, PRO 4060,PRO 3060, PRO 2040, PRO 1260 Gen4: TZ series: TZ 190, TZ 190 W, TZ 180, TZ 180 W, TZ 170, TZ 170 W, TZ 170 SP, TZ 170 SP Wireless, Firmware/Software Version: Sonic OS Enhanced 4.0 and above versions. Services: SSL Control Feature/Application: SSL Control provides visibility into the handshake of Secure Socket Layer (SSL) sessions, and a method for configuring policies to control the establishment of SSL sessions. One of the main features of SSL control is to provide a way to specify which HTTPS certificates to block. This article describes how to block access to https://www.gmail.com using SSL Control from the LAN zone. Using this method would block all websites with the Common Name (CN) www.google.com. Procedure: Step 1. Login to the Sonicwall Management interface Step 2. Navigate to the Network> Zones page and click on edit on the LAN zone. Step 3. Check the SSL Control check-box to enable it in the LAN Zone. This will affect all LAN users since SSL Control is enabled for LAN zone. Rate UTM - How to Block HTTPS access to Gmail using SSL Control http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7564[14/01/2011 6:25:12 PM] Step 4. Navigate to the Firewall> SSL Control page. Step 5. Check the Enable SSL Control check-box. Step 6. Check the Enable Blacklist check-box. Step 7. Click on the Configure button to bring up the SSL Control Custom Lists window. UTM - How to Block HTTPS access to Gmail using SSL Control http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7564[14/01/2011 6:25:12 PM] Step 8. Click on the Add button under Black List and enter the Common Name (CN) www.gmail.com. Step 9. Click on OK to save. How to Test: UTM - How to Block HTTPS access to Gmail using SSL Control http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7564[14/01/2011 6:25:12 PM] To test whether SSL Control is blocking https://www.gmail.com, Step 1. Logout of the Sonicwall Management interface. Step 2. Open an internet browser. Step 3. Try to open https://www.gmail.com or https://mail.gmail.com Step 4. A "Connection Interrupted" message will be returned. Under the Sonicwall > Log the following message will be shown.
Related Items UTM: Blocking HTTPS websites with Application Firewall using Certificate Serial Number KBID 7564 Date Modified 10/27/2010 Date Created 12/30/2009