Return to Filtering

Transparent filtering on your 172.* network

As of January 2019, transparent filtering can be deployed on a school’s curriculum network (172.* range). This is easily achieved by making a few changes within your SafetyNet account. Previously the only methods for users to experience a filtered internet session, were through one of the following ways;

1)  A device connects to a school’s 172.* network  – with proxy settings entered

2)  A device connected to a school’s 10.* network (the transparent proxy) – with proxy settings disabled

However, schools can now deploy wireless devices, without the need to enter proxy settings for devices on the 172.* network.  You can also decide which filtering policy (WF1/WF3 etc) you want assigned to this internet traffic. You can set this up on just one internal 172.* IP address if you wish – or you can configure it on an entire block of addresses. This functionality is ideal for devices that do not support a proxy server.  Also in smaller schools it allows you to easily implement a guest wireless network.

There are however some things to be mindful of and these include:

1) If you use proxy exclusions to restrict access to certain websites, this won’t work when transparent filtering is enabled.  As the user will simply be redirected to the transparent proxy instead.  E.g. you want to restrict twitter.com and to do this you add that URL to the users proxy exclusion, which currently would force the URL to bypass the proxy therefore getting a page cannot be displayed error.  However if you enable transparent filtering the same configuration would send the URL to the proxy therefore displaying the website.

2) You can also only set one filtering level for all users therefore you need to consider who is accessing the network.

3) We would still recommend that non managed BYOD devices are kept separate from your curriculum network.

Advice on where to navigate to within your SafetyNet account, can be found here: Transparent filtering