How to block Google Talk ?

WinGate Proxy Server and other Qbik products

Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Post a reply
gartico
  • gartico
  • Posts: 9
  • Joined: Oct 05 05 3:17 am

How to block Google Talk ?

Dec 21 06 8:25 am

Hi,

I would like to know how to block Google Talk.
I added the criterias 'Server name contains "talk.google.com"' and 'Server name contains "talkx."' at Ban list of the WWW Proxy server service but it didn't work.

I'm using Wingate 6.1.4 (Build 1099) under Windows 2003 Server.

Could anyone help me ?

Thanks for your attention.

Gabriel
jamesc
  • jamesc
  • Posts: 928
  • Joined: Apr 04 05 2:04 pm
  • Location: Auckland, New Zealand

Dec 21 06 5:11 pm

Well, based off your explanation of how Google Talk connects through the WWW Proxy Server, I would suggest using the Advanced tab of a users / groups policy:

Filter 1
This criterion is NOT met if HTTP URL Contains talk.google.com


Or as an alternative you can use the BAN tab of a users / groups policy:

This criterion is met if HTTP URL Contains talk.google.com


**Edit:

And let the forum know if you still need assistance with this.
gartico
  • gartico
  • Posts: 9
  • Joined: Oct 05 05 3:17 am

Dec 22 06 12:56 am

jamesc

Thanks for your help but it didn't work.
I already tried a lot of Filters in diferent places but the Wingate ignores them.

I would like to mention that Google Talk access the URL:
SSL://talk.google.com:443 and
SSL://talk.google.com:5222

I can't block port 443.

Gabriel
ChrisH
  • ChrisH
  • Posts: 388
  • Joined: Sep 13 03 1:38 am
  • Location: Canada

Dec 22 06 3:03 am

gartico wrote:
I already tried a lot of Filters in diferent places but the Wingate ignores them.


When you say that it ignores them, it probably is because you don't have the policies set quite right. Give us a little more detail on how you have things set up in terms of groups/ users and how policies are set in WWW proxy and System. Do you have an AD environment? How are users/groups managed - through AD or do you have a WG database set up? Do your policies require authentication? assumption? How do client machines connect to WG - NAT, WG client or proxy? Do you have Transparent proxy set in WWW proxy server properties? and anything else you think might help us.
gartico
  • gartico
  • Posts: 9
  • Joined: Oct 05 05 3:17 am

Dec 22 06 6:26 am

Ok ChrisH,

Lets see if I can give you all the info needed:

1. The users are managed through a WG database.
The internet access is totally blocked for a new user and when he needs to access a web site, a new group is created (when it not exists) and put in the WWW Proxy Server Policies (wich is configured to "Default rights (System Policies) ar ignored)". Then, at the Advanced tab, a filter is created in order to allow the access only to a specific web site. In some cases the Ban List is configured too. After all configuration, the user is added to the group in order to gain access.

2. The machines connect to WG through proxy, using the Java client.

3. In the WWW Proxy Server service, the Sessions configuration is set to "Intercept connections made via ENS, the WinGate Cliente, or SOCKS server on the followin ports: 443, 5222, 80"

In my opinion WG is not blocking the Google Talk because it uses a SSL conection at port 443.

Gabriel
ChrisH
  • ChrisH
  • Posts: 388
  • Joined: Sep 13 03 1:38 am
  • Location: Canada

Dec 22 06 8:07 am

Gabriel, Do you have the Everyone group listed in WWW proxy? These new users only belong to one group right? If you haven't already, try removing interception of port 443 and 5222 and see what happens with a ban policy HTTP URL contains talk.google
Post a reply
Switch to full style

Powered by phpBB © phpBB Group.

phpBB Mobile / SEO by Artodia.

Board index