FAQ
TL;DR: On an Asus DSL‑N12E‑C1 you can’t reliably block Facebook at the router; “This Asus will not allow it.” Two options exist: hosts-file edits or OpenDNS. [Elektroda, Anonymous, post #16939189]
Why it matters: If you’re asking how to block Facebook/Messenger/Snapchat on this Asus, the built‑in URL filter won’t stop HTTPS traffic and quick workarounds exist.
- URL/keyword filters on this model don’t block HTTPS pages; expect failures with facebook.com. [Elektroda, johnny5001, post #16945586]
- Blocking a couple of IPs (e.g., 185.60.216.15/.35) won’t work; Facebook uses many ranges (AS32934). [Elektroda, WMichał, post #16944005]
- OpenDNS can help, but switching a device’s DNS bypasses it (worked “for 2 minutes”). [Elektroda, johnny5001, post #17348435]
- OpenDNS sees your router’s public IP; cellular data bypasses Wi‑Fi controls. [Elektroda, KOCUREK1970, post #16945347]
Quick Facts
- Model limitation: the DSL‑N12E‑C1 firewall states it cannot block HTTPS pages via URL filters. [Elektroda, johnny5001, post #16945586]
- Facebook hosting uses numerous networks (AS32934); single‑IP blocks are ineffective. [Elektroda, WMichał, post #16944005]
- Two suggested workarounds in-thread: Windows hosts file or OpenDNS content filtering. [Elektroda, Anonymous, post #16939189]
- Bypass risk: changing browser/device DNS defeated OpenDNS in about 2 minutes. [Elektroda, johnny5001, post #17348435]
- Devices on mobile data aren’t filtered by your router at all. [Elektroda, KOCUREK1970, post #16945347]
Can I block facebook.com on an Asus DSL‑N12E‑C1 using the built‑in URL filter?
No. Owners confirmed the router’s URL/keyword filters don’t block HTTPS pages, so facebook.com still loads. The firewall UI even notes HTTPS isn’t filtered. Use network‑level DNS filtering or device‑level controls instead. [Elektroda, johnny5001, post #16945586]
Will blocking a few Facebook IPs like 185.60.216.15 and 185.60.216.35 work?
No. Facebook serves content from many IP ranges aggregated under AS32934, so blocking two addresses misses the rest. Effective IP blocking would require covering all Facebook prefixes, which this Asus cannot manage. [Elektroda, WMichał, post #16944005]
Is OpenDNS a viable way to block Facebook on this router?
Yes, OpenDNS can block domains at DNS lookup time. However, a user reported it was bypassed within 2 minutes by changing the browser’s DNS. Use router‑enforced or locked DNS and device restrictions to reduce bypasses. [Elektroda, johnny5001, post #17348435]
How does OpenDNS see my devices—individually or as one IP?
OpenDNS sees the public IP of your router, not individual LAN device IPs. That’s normal for home NAT setups. If a phone switches to mobile data, the router’s controls no longer apply. [Elektroda, KOCUREK1970, post #16945347]
Why doesn’t HTTPS blocking work here without extra features?
HTTPS encrypts the URL path, so simple URL filters can’t read it. “There is no problem when the device has SSL packet inspection, but it’s not in Asus—another class.” Enterprise gear with SSL inspection can filter it. [Elektroda, jprzedworski, post #16946874]
What’s the quickest way to block Facebook on a single Windows PC?
Edit the Windows hosts file to resolve Facebook domains to 0.0.0.0. This is device‑specific and easy to undo, but it works per‑PC without router changes. [Elektroda, Anonymous, post #16939189]
What is OpenDNS?
OpenDNS is a DNS resolver that offers category and domain blocking before connections are made. Point your router or device DNS to OpenDNS and enable its filtering policy for social networking. [Elektroda, Anonymous, post #16939189]
What is DD‑WRT, and could it help?
DD‑WRT is third‑party router firmware that adds advanced features, including iptables scripting. A contributor noted DD‑WRT can push a full Facebook/Messenger block list into iptables, unlike the stock Asus firmware. [Elektroda, WMichał, post #16944005]
What is an Autonomous System (AS32934)?
An Autonomous System is a collection of IP prefixes under one network operator. Facebook/Meta uses AS32934 to announce many IP ranges, which is why single‑IP blocks fail. [Elektroda, WMichał, post #16944005]
Can I rely on keyword filters to stop Facebook Messenger?
No. Keyword/URL filters on this model don’t see HTTPS content, and Messenger also uses varied endpoints. Use DNS filtering plus device policies, or firmware with SSL inspection/IP blocking at scale. [Elektroda, czuker, post #16946558]
How can users bypass router‑level DNS blocks?
They can set custom DNS in the browser or OS, use a VPN/proxy, or switch to mobile data. In this thread, changing the browser DNS bypassed OpenDNS in 2 minutes. [Elektroda, johnny5001, post #17348435]
What’s a realistic plan to block two specific home devices?
Combine OpenDNS on the router with per‑device restrictions. Lock DNS settings on each device and remove admin rights. This layered approach resists casual bypasses for two devices, as requested by the original poster. [Elektroda, johnny5001, post #16937470]
3‑step How‑To: Try OpenDNS on the DSL‑N12E‑C1
- In the router WAN/DNS settings, set both DNS servers to OpenDNS addresses.
- In your OpenDNS dashboard, enable the Social Networking block category and add facebook.com to block list.
- Reboot router and clear device DNS cache; test on target devices.
“Or as you write OpenDNS.” [Elektroda, Anonymous, post #16939189]
Edge case: Why does Facebook still open at work but not at home (or vice‑versa)?
Policies apply to the network enforcing them. At work, OpenDNS blocked sites; at home, changing DNS defeated it. Location, DNS settings, and whether the device uses Wi‑Fi or cellular determine results. [Elektroda, johnny5001, post #17348435]
Does the Asus demo UI help configure blocking?
The demo shows QoS and filtering menus, but the key limitation remains: HTTPS URL blocking isn’t supported. Don’t expect the demo’s URL filter to stop Facebook. [Elektroda, johnny5001, post #16945586]
If I must block by IP only, what’s the limitation?
You’d need to maintain an extensive, changing list of Facebook/AS32934 prefixes. The DSL‑N12E‑C1 lacks tools to import and update that list, making IP‑only blocking impractical here. [Elektroda, WMichał, post #16944005]
. 
