Hi All.

I am looking for a solution to enable me to filter URLs at 3 levels on my Draytek using IP addresses. All devices connected require an IP address binded to their MAC before they can access the net anyway so this gives me the ability to allocate them an IP based on what level of net access I want them to have, I thought of the following:

Level 1 - IP Range 192.168.1.100 - 110 have unrestricted internet access
Level 2 - IP Range 192.168.1.50 - 99 have restricted internet access with URLs Facebook, Twitter and You Tube blocked.
Level 3 - IP Range 192.168.1.10 - 49 have no internet access at all. This will be for those who repeatability abuse net access at work and who don't need net access to do their job. Once they have learnt their lesson I can allocate them a level 2 IP and renew their IP.

DHCP Set to allocate addresses 192.168.1.10 - 49

What would be the best way to go about this? My Router is not a wireless model, I have an external AP with MAC filtering.

I have watched two you tube videos on setting up content filtering (http://www.youtube.com/watch?v=0S8QJHz2Rvo and http://www.youtube.com/watch?v=sDqqAcFJMfM ) But I can only get the rules to work at level 1 and level 3 at the same time.

Many thanks

the firewall is a top down Logic engine

Create a filter rule at the top of Data filter LAN to WAN, Source ANY Desintation ANY services HTTP and HTTPS Action Block Unless Further Match

Next Rule LAN to WAN Source 192.168.1.100 -110 Destination ANY Services ANY Action PASS Immediately

Next Rule LAN to WAN source 192.168.1.50-99 Destination ANY Services ANY Action PASS Immediately but select the URL filter rule from the drop down Next to URL content Filter (2nd from bottom)

You can play with these rules but that's a basic way of doing it

Upgrading to a 2830 would be better too

sicon wrote: the firewall is a top down Logic engine

Create a filter rule at the top of Data filter LAN to WAN, Source ANY Desintation ANY services HTTP and HTTPS Action Block Unless Further Match

Next Rule LAN to WAN Source 192.168.1.100 -110 Destination ANY Services ANY Action PASS Immediately

Next Rule LAN to WAN source 192.168.1.50-99 Destination ANY Services ANY Action PASS Immediately but select the URL filter rule from the drop down Next to URL content Filter (2nd from bottom)

You can play with these rules but that's a basic way of doing it

Upgrading to a 2830 would be better too

Excellent, worked a treat.

I would really like a 2830n but can't justify spending the money just to play about with it. Oddly enough I acquired this 2820 from a client who wanted two 2830s (one primary and one failover) and just told me to get rid of the 2820, perfect working order so thought i might fit it myself and have a play.