Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 14 subscribers
  • Views 1206 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

MCS client doesn't use system proxy (WPAD)

MassimoDalla Giustina

On a Windows10 with system proxy configured via WPAD, the MCS component doesn't use this configuration and goes directly via gateway.

These are the logs from McsClient.log:

2021-03-17T13:33:55.889Z [ 5088: 6040] [v4.13.16.0] INFO GET mcs2-cloudstation-eu-central-1.prod.hydra.sophos.com:443/.../...
2021-03-17T13:33:55.917Z [ 5088: 6040] [v4.13.16.0] INFO 200 : sent=0 rcvd=140 elapsed=28ms
2021-03-17T13:33:55.917Z [ 5088: 6040] [v4.13.16.0] INFO Establishing push connection
2021-03-17T13:33:55.919Z [ 5088: 6040] [v4.13.16.0] INFO [push]: [connect] trying server mcs-push-server-eu-central-1.prod.hydra.sophos.com/ps
2021-03-17T13:33:55.919Z [ 5088: 6040] [v4.13.16.0] INFO [push]: [connect] trying direct connection without a proxy
2021-03-17T13:33:55.919Z [ 5088: 6040] [v4.13.16.0] INFO GET mcs-push-server-eu-central-1.prod.hydra.sophos.com:443/ps
2021-03-17T13:33:56.021Z [ 5088: 6040] [v4.13.16.0] INFO 200 : sent=0 rcvd=0 elapsed=102ms
2021-03-17T13:33:56.022Z [ 5088: 6040] [v4.13.16.0] INFO [push]: [connect] using server mcs-push-server-eu-central-1.prod.hydra.sophos.com/ps without a proxy (peer address 52.28.112.0)
2021-03-17T13:33:56.031Z [ 5088: 6040] [v4.13.16.0] INFO (async) GET mcs-push-server-eu-central-1.prod.hydra.sophos.com:443/.../....
2021-03-17T13:33:56.130Z [ 5088:18160] [v4.13.16.0] INFO (async) 503 : conntime=98ms
2021-03-17T13:33:56.130Z [ 5088: 6040] [v4.13.16.0] WARN (async) connection timeout
2021-03-17T13:33:56.131Z [ 5088: 6040] [v4.13.16.0] WARN [push]: error creating async stream: 0
2021-03-17T13:33:56.131Z [ 5088: 6040] [v4.13.16.0] INFO [push]: Dropping connection after error

What is the reason why the MCS doesn't use the system proxy?

Thansk

Max.



This thread was automatically locked due to age.
Parents
  • 0

    Hi GlennSen

    thanks for your answer. I already considered both documents. Following the KB-000034818 I can't specifiy/use the WPAD configuration. If I manually specify the proxy (not using WPAD), the MCS can communicate inside the corporate network but not when the client is outside, so this can't be the solution.

    Also I already permitted the host/domain and ports on the Sophos SG firewall but the problem we discovered is that the MCS first call https://mcs-push-server-eu-central-1.prod.hydra.sophos.com:443 and this pass the firewall but then it calls also for su-*.mcs-push-server-eu-central-1.prod.hydra.sophos.com and this is blocked because we can't define wildcard on the firewall rules.

    The MCS must support also the system proxy configuration WPAD.

     Max.

Reply
  • 0

    Hi GlennSen

    thanks for your answer. I already considered both documents. Following the KB-000034818 I can't specifiy/use the WPAD configuration. If I manually specify the proxy (not using WPAD), the MCS can communicate inside the corporate network but not when the client is outside, so this can't be the solution.

    Also I already permitted the host/domain and ports on the Sophos SG firewall but the problem we discovered is that the MCS first call https://mcs-push-server-eu-central-1.prod.hydra.sophos.com:443 and this pass the firewall but then it calls also for su-*.mcs-push-server-eu-central-1.prod.hydra.sophos.com and this is blocked because we can't define wildcard on the firewall rules.

    The MCS must support also the system proxy configuration WPAD.

     Max.

Children
No Data
Unfiltered HTML