Welcome . Please advise how to block Facebook on Asus DSL N12E-C1 router. I read and read, and it is probably not so simple. I need to block access on two devices. I have ADSL from Netia on the Internet. For convenience, I am providing a demo page where you can enter the router settings....

This Asus will not allow it. It's too primitive. 1. If it would be only for a Windows computer then add to the file C: \ Windows \ System32 \ drivers \ etc \ hosts what is here: 2. Or as you write OpenDNS.

Facebook.pl 185.60.216.15 Facebook.com 185.60.216.35

Blocking these two addresses will not help. The author may also be at a different ip address than the above. Facebook corresponds to me at other addresses. To successfully block, you must block the entire facebook address classes: Unfortunately, nothing can be done on this router Already on ddwrt you can 100% block facebook messneger script that will throw all these addresses to iptables

Thanks for the help!. The lock on the computer using the host file is known to me, but the other device is an iPhone smartphone and is closely guarded . Right now at work I tried the Open DNS method and so far it doesn't open fb, messenger and snapchat. When I get home I will try again. Explain one more thing to me. How the Open DNS server will see the IP of the computer and iPhone. They will be different if the server can see only one IP of my router ?.

Your router's IP, but until you turn on your own internet on your smartphone - then you no longer block it on your phone, because it no longer refers to the wifi network only to the GSM network.

I understand, but it does not bother me because Play is poor at home with my range. In the evening I get to work. I will let you know what and how. Thanks.

I don't think that the fact that Facebook works after https affected the possibility of blocking traffic by URL filters. Have you tried doing that?

No way. Even in a firewall router it clearly says that it does not block https pages. It was the first thing I did.

Is blocking in the URL filter not working in the keyword filter? because while content filtering doesn't seem obvious, I don't see why URL filtering doesn't work. Az I will probably check on my old router. And I won't look in the manual

See point 2 in my router's configuration. I checked it doesn't work

[Solved] Blocking Facebook on Asus DSL-N12E-C1 Router: HTTPS Pages, IP Blocking & Open DNS Setup

johnny5001 11646 15

Best answers

How can I block Facebook on an Asus DSL-N12E-C1 router for two devices when URL filtering does not work on HTTPS pages?

You cannot reliably block Facebook on this Asus DSL-N12E-C1 by URL or by a couple of IP addresses, because HTTPS hides the URL and Facebook uses many different IPs; to do it properly you would need to block the whole Facebook address range or use a router with SSL packet inspection/DD-WRT [#16944005][#16946558][#16946874] For a Windows PC, one workaround is to add Facebook domains to the hosts file [#16939189] OpenDNS can help as a DNS-based block, and it will see the router’s public IP on the Wi‑Fi network, not separate device IPs, but it only applies while the device uses that network [#16939189][#16946558]

Generated by the language model.

Treść została przetłumaczona

Zobacz oryginalną wersję tematu

Report a violation of the law

| New topic

#1 16937470 05 Jan 2018 12:11

johnny5001 johnny5001

Level 12

Posts: 96

Help: 2

Rate: 22
» | Topic author

Post #1
16937470 05 Jan 2018 12:11

Welcome . Please advise how to block Facebook on Asus DSL N12E-C1 router.
I read and read, and it is probably not so simple. I need to block access on two devices. I have ADSL from Netia on the Internet. For convenience, I am providing a demo page where you can enter the router settings. Blocking after URL doesn't work because fb is after https. Apparently you can somehow block the IP but I'm not very smart at it. The router demo page is: ] Link
PS Of course, I'm also interested in blocking using Open DNS
ADVERTISEMENT
#2 16939189 05 Jan 2018 23:59

Anonymous Anonymous

Level 1

» |

Post #2
16939189 05 Jan 2018 23:59

This Asus will not allow it. It's too primitive.

1. If it would be only for a Windows computer then add to the file C: \ Windows \ System32 \ drivers \ etc \ hosts what is here:
https://gist.github.com/thomasbilk/1506210/2d20f47bbcca75b2f78d6909c1637501000d846f

2. Or as you write OpenDNS.
https://www.elektroda.pl/rtvforum/topic1293614.html
#3 16941826 07 Jan 2018 01:00

KOCUREK1970 KOCUREK1970

Network and Internet specialist

Posts: 35448

Help: 3835

Rate: 5431
» | Helpful post? (0)

Post #3
16941826 07 Jan 2018 01:00

johnny5001 wrote:
Apparently you can somehow block after IP

Facebook.pl
185.60.216.15
Facebook.com
185.60.216.35
ADVERTISEMENT
#4 16944005 07 Jan 2018 21:15

WMichał WMichał

Level 32

Posts: 1629

Help: 172

Rate: 136
» | Helpful post? (0)

Post #4
16944005 07 Jan 2018 21:15

Blocking these two addresses will not help.
The author may also be at a different ip address than the above.
Facebook corresponds to me at other addresses.
To successfully block, you must block the entire facebook address classes: https://bgp.he.net/AS32934
Unfortunately, nothing can be done on this router
Already on ddwrt you can 100% block facebook messneger script that will throw all these addresses to iptables
#5 16944731 08 Jan 2018 08:37

johnny5001 johnny5001

Level 12

Posts: 96

Help: 2

Rate: 22
» | Topic author Helpful post? (0)

Post #5
16944731 08 Jan 2018 08:37

Thanks for the help!.
The lock on the computer using the host file is known to me, but the other device is an iPhone smartphone and is closely guarded .
Right now at work I tried the Open DNS method and so far it doesn't open fb, messenger and snapchat. When I get home I will try again. Explain one more thing to me. How the Open DNS server will see the IP of the computer and iPhone. They will be different if the server can see only one IP of my router ?.
ADVERTISEMENT
#6 16945347 08 Jan 2018 14:29

KOCUREK1970 KOCUREK1970

Network and Internet specialist

Posts: 35448

Help: 3835

Rate: 5431
» | Helpful post? (0)

Post #6
16945347 08 Jan 2018 14:29

johnny5001 wrote:
They will be different if the server can see only one IP of my router ?.

Your router's IP, but until you turn on your own internet on your smartphone - then you no longer block it on your phone, because it no longer refers to the wifi network only to the GSM network.
ADVERTISEMENT
#7 16945532 08 Jan 2018 16:03

johnny5001 johnny5001

Level 12

Posts: 96

Help: 2

Rate: 22
» | Topic author Helpful post? (0)

Post #7
16945532 08 Jan 2018 16:03

I understand, but it does not bother me because Play is poor at home with my range.
In the evening I get to work. I will let you know what and how. Thanks.
#8 16945536 08 Jan 2018 16:05

czuker czuker

Level 25

Posts: 1017

Help: 80

Rate: 68
» | Helpful post? (0)

Post #8
16945536 08 Jan 2018 16:05

I don't think that the fact that Facebook works after https affected the possibility of blocking traffic by URL filters. Have you tried doing that?
#9 16945586 08 Jan 2018 16:25

johnny5001 johnny5001

Level 12

Posts: 96

Help: 2

Rate: 22
» | Topic author Helpful post? (0)

Post #9
16945586 08 Jan 2018 16:25

No way. Even in a firewall router it clearly says that it does not block https pages. It was the first thing I did.
#10 16945602 08 Jan 2018 16:35

czuker czuker

Level 25

Posts: 1017

Help: 80

Rate: 68
» | Helpful post? (0)

Post #10
16945602 08 Jan 2018 16:35

Is blocking in the URL filter not working in the keyword filter?
because while content filtering doesn't seem obvious, I don't see why URL filtering doesn't work.
Az I will probably check on my old router.

And I won't look in the manual
#11 16945624 08 Jan 2018 16:47

johnny5001 johnny5001

Level 12

Posts: 96

Help: 2

Rate: 22
» | Topic author Helpful post? (+1)

Post #11
16945624 08 Jan 2018 16:47

See point 2 in my router's configuration. I checked it doesn't work
#12 16945632 08 Jan 2018 16:51

czuker czuker

Level 25

Posts: 1017

Help: 80

Rate: 68
» | Helpful post? (0)

Post #12
16945632 08 Jan 2018 16:51

Look at the bookmark name
#13 16945638 08 Jan 2018 16:54

johnny5001 johnny5001

Level 12

Posts: 96

Help: 2

Rate: 22
» | Topic author Helpful post? (0)

Post #13
16945638 08 Jan 2018 16:54

I know, but url will not go either. Try at home. I finish my work, I go home and I will fight there with a living organism.
#14 16946558 08 Jan 2018 21:49

czuker czuker

Level 25

Posts: 1017

Help: 80

Rate: 68
» | Helpful post? (0)

Post #14
16946558 08 Jan 2018 21:49

I am sorry to say that the manufacturer is right and blocking the URL in the case of pages after https does not work
I see no reason why it couldn't be done, but it doesn't work

As for OpenDNS - in the IP packet headers the server will see the public address, so in the common configuration it will be the router's address.
#15 16946874 08 Jan 2018 23:31

jprzedworski jprzedworski

Network and Internet specialist

Posts: 5366

Help: 758

Rate: 827
» | Helpful post? (0)

Post #15
16946874 08 Jan 2018 23:31

This is a common problem on many devices. Trend Micro gives this way. Maybe it will work:
https://en.community.trendmicro.com/tm_en/top...s-trend-micron-not-block-sites-with-https-www
Check Point also has this problem:
https://forums.checkpoint.com/forums/thread.jspa?threadID=20155
There is no problem when the device has SSL packet inspection, but it's not in Asus - another class.
#16 17348435 25 Jul 2018 10:18

johnny5001 johnny5001

Level 12

Posts: 96

Help: 2

Rate: 22
» | Topic author Helpful post? (0)

Post #16
17348435 25 Jul 2018 10:18

I'm closing the old topic. Everything worked for 2 minutes. I quickly worked it out by changing the DNS of the browser. Thank you for your interest.
Create an account, log in here and be active on the forum — ads won't appear. Earn points for registering and replying.

Install Elektroda application

Didn't find an answer? Ask Artificial Intelligence

*I agree to send the question to OpenAI, Anthropic PBC, Perplexity AI, Inc., Kagi Inc., Google LLC - owners of language models in order to prepare the best response. The companies may monitor and log information entered into the form.

*I agree to publicly display my question and answer. The question and answer will be publicly available to everyone. The process may take a few minutes. Upon completion, you will be redirected to the page with the answer.

Wait...(2min)

| New topic

Report a violation of the law

Topic summary

✨ The discussion revolves around the challenges of blocking Facebook on the Asus DSL-N12E-C1 router. Users express difficulties with URL filtering due to Facebook's use of HTTPS, which complicates blocking attempts. Suggestions include modifying the hosts file on Windows devices and utilizing OpenDNS for network-wide blocking. However, users note that blocking specific IP addresses may not be effective as Facebook frequently changes its IPs. The limitations of the router's firmware are highlighted, with recommendations for alternative firmware like DD-WRT for more robust blocking capabilities. The conversation concludes with the realization that changing DNS settings can bypass restrictions, rendering initial efforts ineffective.
Generated by the language model.

FAQ

TL;DR: On an Asus DSL‑N12E‑C1 you can’t reliably block Facebook at the router; “This Asus will not allow it.” Two options exist: hosts-file edits or OpenDNS. [Elektroda, Anonymous, post #16939189]

Why it matters: If you’re asking how to block Facebook/Messenger/Snapchat on this Asus, the built‑in URL filter won’t stop HTTPS traffic and quick workarounds exist.

URL/keyword filters on this model don’t block HTTPS pages; expect failures with facebook.com. [Elektroda, johnny5001, post #16945586]
Blocking a couple of IPs (e.g., 185.60.216.15/.35) won’t work; Facebook uses many ranges (AS32934). [Elektroda, WMichał, post #16944005]
OpenDNS can help, but switching a device’s DNS bypasses it (worked “for 2 minutes”). [Elektroda, johnny5001, post #17348435]
OpenDNS sees your router’s public IP; cellular data bypasses Wi‑Fi controls. [Elektroda, KOCUREK1970, post #16945347]

Quick Facts

Model limitation: the DSL‑N12E‑C1 firewall states it cannot block HTTPS pages via URL filters. [Elektroda, johnny5001, post #16945586]
Facebook hosting uses numerous networks (AS32934); single‑IP blocks are ineffective. [Elektroda, WMichał, post #16944005]
Two suggested workarounds in-thread: Windows hosts file or OpenDNS content filtering. [Elektroda, Anonymous, post #16939189]
Bypass risk: changing browser/device DNS defeated OpenDNS in about 2 minutes. [Elektroda, johnny5001, post #17348435]
Devices on mobile data aren’t filtered by your router at all. [Elektroda, KOCUREK1970, post #16945347]

Can I block facebook.com on an Asus DSL‑N12E‑C1 using the built‑in URL filter?

No. Owners confirmed the router’s URL/keyword filters don’t block HTTPS pages, so facebook.com still loads. The firewall UI even notes HTTPS isn’t filtered. Use network‑level DNS filtering or device‑level controls instead. [Elektroda, johnny5001, post #16945586]

Will blocking a few Facebook IPs like 185.60.216.15 and 185.60.216.35 work?

No. Facebook serves content from many IP ranges aggregated under AS32934, so blocking two addresses misses the rest. Effective IP blocking would require covering all Facebook prefixes, which this Asus cannot manage. [Elektroda, WMichał, post #16944005]

Is OpenDNS a viable way to block Facebook on this router?

Yes, OpenDNS can block domains at DNS lookup time. However, a user reported it was bypassed within 2 minutes by changing the browser’s DNS. Use router‑enforced or locked DNS and device restrictions to reduce bypasses. [Elektroda, johnny5001, post #17348435]

How does OpenDNS see my devices—individually or as one IP?

OpenDNS sees the public IP of your router, not individual LAN device IPs. That’s normal for home NAT setups. If a phone switches to mobile data, the router’s controls no longer apply. [Elektroda, KOCUREK1970, post #16945347]

Why doesn’t HTTPS blocking work here without extra features?

HTTPS encrypts the URL path, so simple URL filters can’t read it. “There is no problem when the device has SSL packet inspection, but it’s not in Asus—another class.” Enterprise gear with SSL inspection can filter it. [Elektroda, jprzedworski, post #16946874]

What’s the quickest way to block Facebook on a single Windows PC?

Edit the Windows hosts file to resolve Facebook domains to 0.0.0.0. This is device‑specific and easy to undo, but it works per‑PC without router changes. [Elektroda, Anonymous, post #16939189]

What is OpenDNS?

OpenDNS is a DNS resolver that offers category and domain blocking before connections are made. Point your router or device DNS to OpenDNS and enable its filtering policy for social networking. [Elektroda, Anonymous, post #16939189]

What is DD‑WRT, and could it help?

DD‑WRT is third‑party router firmware that adds advanced features, including iptables scripting. A contributor noted DD‑WRT can push a full Facebook/Messenger block list into iptables, unlike the stock Asus firmware. [Elektroda, WMichał, post #16944005]

What is an Autonomous System (AS32934)?

An Autonomous System is a collection of IP prefixes under one network operator. Facebook/Meta uses AS32934 to announce many IP ranges, which is why single‑IP blocks fail. [Elektroda, WMichał, post #16944005]

Can I rely on keyword filters to stop Facebook Messenger?

No. Keyword/URL filters on this model don’t see HTTPS content, and Messenger also uses varied endpoints. Use DNS filtering plus device policies, or firmware with SSL inspection/IP blocking at scale. [Elektroda, czuker, post #16946558]

How can users bypass router‑level DNS blocks?

They can set custom DNS in the browser or OS, use a VPN/proxy, or switch to mobile data. In this thread, changing the browser DNS bypassed OpenDNS in 2 minutes. [Elektroda, johnny5001, post #17348435]

What’s a realistic plan to block two specific home devices?

Combine OpenDNS on the router with per‑device restrictions. Lock DNS settings on each device and remove admin rights. This layered approach resists casual bypasses for two devices, as requested by the original poster. [Elektroda, johnny5001, post #16937470]

3‑step How‑To: Try OpenDNS on the DSL‑N12E‑C1

In the router WAN/DNS settings, set both DNS servers to OpenDNS addresses.
In your OpenDNS dashboard, enable the Social Networking block category and add facebook.com to block list.
Reboot router and clear device DNS cache; test on target devices. “Or as you write OpenDNS.” [Elektroda, Anonymous, post #16939189]

Edge case: Why does Facebook still open at work but not at home (or vice‑versa)?

Policies apply to the network enforcing them. At work, OpenDNS blocked sites; at home, changing DNS defeated it. Location, DNS settings, and whether the device uses Wi‑Fi or cellular determine results. [Elektroda, johnny5001, post #17348435]

Does the Asus demo UI help configure blocking?

The demo shows QoS and filtering menus, but the key limitation remains: HTTPS URL blocking isn’t supported. Don’t expect the demo’s URL filter to stop Facebook. [Elektroda, johnny5001, post #16945586]

If I must block by IP only, what’s the limitation?

You’d need to maintain an extensive, changing list of Facebook/AS32934 prefixes. The DSL‑N12E‑C1 lacks tools to import and update that list, making IP‑only blocking impractical here. [Elektroda, WMichał, post #16944005]