This router is being used to lock down a public computer and to only allow access to a small handful of sites.
I have this working through firewall rules and address list allowing, but I have one site which seems to have a single front-end IP address and a bunch of dynamic IP addresses it has its site pulling from. These addresses seem to change from day to day and appear from very different networks. It is almost like the ISP is just randomly rotating the IP addresses daily. I am having to log on to the device and review the drop logs and can easily find where the main site was accessed and the additional IP addresses that were dropped. I add these into my allow list and it is all good for another 24-48 hours.
As you can imagine, I have roughly 25 IP addresses in the allow list for the past 30 days with no end in sight. I have contacted the company and they do not know or will not tell me all of the IP addresses to provide access to, so I am stuck. I would love it if I could make this work through the MT device itself as I have 20 of these sites to build for and growing, if I can make it work.
Is there a way to dynamically listen for the single common IP or URL and then allow any addresses that get requested for say, the next minute? I am just hoping someone has had this issue before and can assist.
Can you suggest any good walk-through on this? I have been away from the office all day today and had been reading and exploring the web-proxy on a test router.
The articles I am finding are of a previous version of OS. I have 3.17 loaded on both my production and test boxes.
The version doesn’t matter that much; the basics are the same. Just force all your customers to use the proxy (transparent proxy, they won’t know they are being proxied). Then make entries in the “access list”. First make entries for allowed domains, then make a drop rule at the end to deny others.
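Added example, not part of the original thread: a RouterOS configuration sketch of the transparent-proxy approach described in the reply above. The interface names (ether1 as WAN, ether2 as the LAN port of the public computer), the proxy port and the example.com / example-cdn.net host names are assumptions to be replaced with real values.

```routeros
# Constructed example: interface names and domains are placeholders.
# ether1 = WAN uplink, ether2 = LAN port facing the public computer.

# 1. Enable the built-in web proxy on a local port.
/ip proxy set enabled=yes port=8080

# 2. Transparent proxy: redirect all HTTP coming from the LAN to the
#    proxy, so the client needs no proxy settings.
/ip firewall nat add chain=dstnat in-interface=ether2 protocol=tcp \
    dst-port=80 action=redirect to-ports=8080 \
    comment="force LAN HTTP through web proxy"

# 3. Block the proxy port from the WAN side so the router does not
#    become an open proxy.
/ip firewall filter add chain=input in-interface=ether1 protocol=tcp \
    dst-port=8080 action=drop comment="no proxy access from WAN"

# 4. Proxy access list, evaluated top-down, first match wins.
#    Matching is on the requested host name, so the server's IP
#    addresses can rotate without the list needing an update.
/ip proxy access add dst-host=www.example.com action=allow \
    comment="main site"
/ip proxy access add dst-host=*.example.com action=allow \
    comment="sub-domains of the main site"
/ip proxy access add dst-host=*.example-cdn.net action=allow \
    comment="content hosts the site pulls from"

# 5. Final catch-all: deny every request not allowed above.
/ip proxy access add action=deny comment="deny everything else"
```

Only the HTTP traffic redirected from port 80 passes through this access list; HTTPS and other ports are still governed by the existing firewall rules and address lists.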