How do I allow access to iTunes®?

Article #: Product Castle
1738 Guardian All


How to configure the Guardian web filter to allow iTunes access.



Users are unable to get through to iTunes when going through the Guardian web filter.


The iTunes application accesses multiple different domains. Those domains are sometimes changed by Apple®. Smoothwall have created a category called iTunes to help; we add any new domains to the iTunes category as they are being used by Apple. Guardian is updated every time you refresh the blocklist (System > Maintenance > Licenses).

To allow access, you should create a whitelist policy for the iTunes category, and exclude it from authentication for the relevant groups.

  1. From the Smoothwall administration user interface, add the following categories to authentication exceptions:
    • SSL/CRL
    • Software Updates
    • Authentication Exceptions
    • iTunes
  2. Create a web filter policy with the following:
    • Who: Everyone
    • What: Authentication Exceptions, SSL/CRL, Software Updates, iTunes
    • Where: Everywhere
    • When: Always
    • Action: Whitelist
  3. Move the newly created policy above any block or blanket block policy in place for the Unauthenticated IPs group in the Web filter polices table.

You may have this group in a policy folder in position 2 in the table by default if you did not have Unauthenticated IPs allowed to use the web proxy prior to migrating.


Last updated: Author: Contributions by:
23 August 2016