UniFi Content Filtering
Вставка
- Опубліковано 3 сер 2024
- UniFi does have built in content filtering -- let's take a look!
Hire us! williehowe.com
Amazon Afflilate Links for Gear:
Synology RTC2600AC: amzn.to/3pHTt2F
UDM Pro Link: amzn.to/3LKaqBR
Standard UDM Link: amzn.to/3AKChvr
Want to join us in learning how to deploy network services like this? Put your name on the training list now: williehowe.com/training/
Affiliate Links (I earn a small percentage of the sale if you use these links):
My AmazonLink: www.amazon.com/shop/williehowe
Netool: netool.io use code WHT to save at least 10%!
Digital Ocean Affiliate Link: m.do.co/c/39aaf717223f
Patreon Link: / williehowe
Contact us for network consulting and best practices deployment today! We support all Grandstream, Synology, DrayTek, Obihai, Poly, Ubiquiti, MikroTik, Extreme, Palo Alto, and more!
Come back for the next video!
Twitter - @WillieHowe
TikTok - @whowe82
SUBSCRIBE! THUMBS-UP! Comment and Share! - Наука та технологія
As an IT manager I have looked down this list so many time and I always missed it. Thank you so much!
Thanks for this info! I am going to install a Ubiquiti system for my new home build. This will work great for the grandchildren........grin
Great Video Willie, thanks for the heads up on this feature. It looks like a next generation gateway or a UDM is required. Couldn't see the content filtering option on the USG Pro 4.
that option does not come up. the options are multicast dns and igmp snooping
Good stuff thanks. Id like to see video on buying a domain and using it on a unifi network for internal dns please
I saw it had domain name blocking under traffic management in the drop down menu. Can just enter the site FQDN and block the specific website. I was concerned Unifi did not have that option. Glad they do.
Would love to see a video on any rules of thumb that you use to determine whether you use Traffic Manager or Firewall. Some of the use cases are obvious, like I want to block all Slack traffic, that's a Traffic Manager rule. If either option COULD handle a particular use case, are there specific advantages of using one over the other in certain scenarios?
This is a great help. If you find out that you can override and allow something let us know. Also is there a way to just block UA-cam shorts?
Great Video! I am wondering if you noticed blocking UA-cam as an app and domain also blocks some google tools like gmail/google chat/ sheets/ doc because it uses a UA-cam domain for some account things. Is there a way around this?
I would like to see an adguard setup with Unifi. I started but I feel like I'm missing something.
I am trying to set the filtering policy to the Wi-Fi. I can get it to my wired connections but fails to block restricted content over wi-fi
As a parent, I’m glad you made this video. Thank you! I’m paying $10 for eero parental controls and have been debating a dream router.
Thanks alot for this. Is it normal after blocking apps to still see traffic from them (even tho small). I'm guessing its when the users try to use them? Was expecting to not see any at all anymore
What is the backend configuration it does to filter DNS requests and force them to use its own with that work/family setting?
Great video Willie. It's nice to have an option built into Unifi. How does this compare to something like NxFilter or PiHole, besides obviously not having to administer a separate box?
If you want a single place for fine grain control you'll want to offload it to something else but for someone who just wants it to work and is hands off it'll probably do the job.
I have deployed and managed about 100 Unifi sites. In my experience, Unifi gives you basic business needs really well but will fall short in the more niche and/or full enterprise expectations. What we would do was put in a pfSense in sites needing more options such as certain compliance requirements.
In most cases, the USG or UXG was more than sufficient with one caveat being router on a stick which I loathe. The good news was the release of layer 3 switches. I have yet to test the guest policies on those switches to see if they can serve as true core switches.
@@WillieHowe This is what I expected. I once did a little side-work for an organization helping "returned citizens on parole" and that is where I first encountered NxFilter. Their network infrastructure was pure garbage, but they were somehow meeting the guidelines the state had set forth.
Hey Willie have you been able to set UA-cam traffic to not be filtered with the traffic manager?
Hi, Thanks for you Video, I have a UDM PRO but I dont knoew because it dont apply the block a domain or IP like the video, I am trying block for example a domain but Traffic rule allow it
Thanks Willie. I tried applying the filtering to my network but it did not block any sites on my wifi? Any suggestions?
I can't seem to get this to work... I tried creating a virtual network and changed my computer to be on that network, but content is not blocked...
How you can block a specific web site? Domain Name must be a valid hostname always getting these
how would you allow to use youtube with restricted mode off while using content filtering?
My USG-Pro-4 doesn't have the content filtering option. What hardware do I need for this?
UDM-PRO or UDM-PRO-SE
this content filter had particularly negative results on our Nintendo Switch. The Test results on the switch differed dramatically and the eshop was completely unreachable from the Switch. I still don't fully understand why.
Is there a reporting function? I'm considering a UniFi Dream machine pro for a church I work for, but they want to see when users have attempted to access adult content.
Hmm... Not sure if you can get push notifications but there is a log section that shows violations.
@@WillieHowe thanks for the quick reply!
Can you view logs of the content filtering?
Not as far as I know.
@Willie Howe Do you have any clients in central Missouri?
Yes
So no MAC address filtering?
Unfortunately, it seems that Content Filtering can only be used at the Network (VLAN) level?? I'd like to keep the kids' devices in the Default VLAN, and apply content filtering only to their devices. Is there any way to do that? Moving their devices to a new KIDS VLAN would be too much work since they already know the Default VLAN's Wi-Fi password, and changing it would be too big an impact on many other devices. The nice thing I like about Synology Safe Access is that Content Filtering can be applied at the device (MAC Address) level. This is one reason I'm still staying with Synology. But I would like to move to a UDM-SE. Any suggestions?
I guess another approach is to apply Content Filtering to the Default network, then create a parents only network and SSID without content filtering. Less changes this way. All other devices don't need to change their SSID or Wi-Fi password.
I know this is late, but figured I would post it anyway for someone who might come by later. You can always block their MAC Addresses from the Default Wifi Only. I do this at businesses to the business devices, so they can't be connected to anything other than the business vlan. I also do this to employee personal devices, so they can't be connected to the business vlan, only the employee private. You open the wifi, set the options to manual, Enable MAC Address Filter, Select Deny, Add MAC Addresses.
Odd I can't find it in my Network app, running 7.4.156. I'm using Unifi paid controller from their cloud. Just a heads up!
Hrm... What gateway do you have?
@@WillieHowe USG Pro 4, I imagine many of the new features they're putting out will be developed for more modern hardware...perhaps its time to upgrade.
@@chaosjosh A UXG is a nice drop in replacement for the USG.
@@WillieHowe I have a UXG and 2x UDM Pro's in my work enviroment, a bit hesitant to upgrade the home environment with personal finances as I feel like we're on the edge of a new release that I'll want to tinker with at home. Can't exactly tinker with the work hardware without impacting co-workers.
You can force dns to the USG then have the USG use the dns of the filter you want.
when the youtube block after youtube kids not working but 2 diffrent app in unifi content
Please stop saying ‘I appreciate each and every one of you’ !
Why? I do appreciate my audience. Without the audience there's no point to the channel.
Maybe this message came from the upside down and they really love it!
@@WillieHowe it’s a bit repetative
@@over-engineeredyour comment seems a little over engineered…. How is this any different thank saying “thanks for watching!” Or “hit like and subscribe!” ? - it’s a sincere comment and showing gratitude.
@Tim Bare We are in a new age. Common courtesy is now too PC. It is best to drop an expletive rather than be cordial. Kindness is just out of style.
You notice it when walking in and out of stores and meetings on country roads. People just don't want to be kind anymore.