This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CR25iNG, cannot access specific government website

This is not just an issue with the CR25iNG, but also with other Cyberoam UTMs we have installed across the enterprise...

Issue:  Cannot access:  www.g5.gov (receive error, "This site can't be reached" www.g5.gov took too long to respond)

This happens ONLY if web filtering on the firewall rule is set to anything except "None." "Allow All" still prevents access to that particular web page.

One other detail I've noticed is that www.g5.gov is an IPv6 website while our gateway is IPv4.  Does filtering break during IPv translation?

 

Any ideas, anyone?  Help?

 

 

 



This thread was automatically locked due to age.
Parents
  • Hi  

    Thank you for reaching out to us, As per my understanding, you are facing the issue when web filter policy applied on the firewall rule.

    We request you to verify below steps to troubleshoot the issue further.

    1. Please create source based (IP/Host-based) firewall rule and position the rule on top of LAN to WAN zone
    2. Apply the web filter policy
    3. Disable Pharming protection or make sure DNS IP address should be the same for user system and Cyberoam firewall
    4. Please go to Anti-Virus and disable "Deny Unknown Protocol"
    5. If you have enabled HTTPS scanning, please install Cyberoam SSL certificate in the user system.
    6. Please navigate to Log Viewer and check for Web filter logs and verify if you found any denied logs for the website, you can apply IP based filter to sort the logs

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

Reply
  • Hi  

    Thank you for reaching out to us, As per my understanding, you are facing the issue when web filter policy applied on the firewall rule.

    We request you to verify below steps to troubleshoot the issue further.

    1. Please create source based (IP/Host-based) firewall rule and position the rule on top of LAN to WAN zone
    2. Apply the web filter policy
    3. Disable Pharming protection or make sure DNS IP address should be the same for user system and Cyberoam firewall
    4. Please go to Anti-Virus and disable "Deny Unknown Protocol"
    5. If you have enabled HTTPS scanning, please install Cyberoam SSL certificate in the user system.
    6. Please navigate to Log Viewer and check for Web filter logs and verify if you found any denied logs for the website, you can apply IP based filter to sort the logs

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

Children
No Data