Many web sites such as YouTube now use HTTPS to deliver content. As a result, they can be difficult to block using URL filtering in the firewall settings. The Vigor2830 does not have the UCF option under DNS filter, so this document provides a solution that can be used to block HTTPS websites without using DNS Filter.

This document describes how to block YouTube without using DNS Filter.

We will apply the firewall filter to block access to YouTube for a group of PC’s within the IP address range –

Step 1: Determine all the Web Sites that need to be blocked

Some HTTPS web sites get content from various sources. You will need to build up a list of these sites and determine the IP address ranges being used.

For YouTube there are 6 sites that need to be included. These are:

Name                                                                    IP Address                                                                                                                                                                        

youtube-ip-range                                     –                                   


Step 2: Create IP Objects

Go to Objects Setting >> IP Object menu and create IP Object profiles for each of the sites mentioned in step 1.

The settings for each objects is shown below:

Step 3: Create IP Group

We now combine all the IP objects into a group to make it easier to include in the firewall settings.

Go to Objects Setting>>IP Group configuration menu and move the IP objects into an IP group. WE have named the IP Group “youtube”

Firewall setting to block YouTube for LAN IP addresses in the range to


Go to Firewall>>Filter Setup and add a firewall rule with source IP address range of – and destination to any IP addresses in the IP group youtube and Block if No Further Match.