This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web filtering issues using Microsoft Edge

Have run into a weird issue and wonder if anyone has seen this.

 

On our domain joined machines (only domain joined, issue does not present if not domain joined), we have been having issues accessing corporate URLs when using Edge.

 

The pages fail to load with the generic "Hmmm...can't reach this page" error from Edge.

 

After a long search it was discovered that the sites would load if the Sophos Web Filter service was stopped.  If you stopped this service, loaded any of the sites, you could then start the service and all would be well, even following reboot.

This led us to the discovery that stopping the service allowed for the writing of this reg key:

 

[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabProcConfig]

"corporatedomain.com=dword:00000179

 

This works within Windows 10, but not Windows 7.

 

Any ideas how to resolve this issue?



This thread was automatically locked due to age.
Parents
  • We're also seeing this issue on our domain machines but only those that have 1709+ installed. Had a 2 hour webex with a developer last week in order to try and move things forward. Whitelisting the IP address of one site seems to mean that users can visit any site after visiting that one site. 

  • HI,

    if you disable the webfilter for a minute, or whitelist the IP, then have the machine visit the blocked site, Sophos will write a registry key here:

     

    [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabProcConfig]

     

    With an entry of <your domain> and a value of dword:00000179

     

    Once that registry key is in place, removing the whitelist, or re-enabling the webfliter will not affect the machine ... it can view the formerly blocked sites without issue.

     

    Although this represents a workaround (you can push out the reg key, or whitelist as needed), a workaround is not a solution.

  • I don't think that Sophos controls that key in any way.  If you look who writes it, it's MicrosoftEdge.exe and it's read by MicrosoftEdgeCP.exe and MicrosoftEdge.exe.



    Did adding the site to the trusted or intranet zone help as it did in my test?

    Regards,
    Jak

Reply
  • I don't think that Sophos controls that key in any way.  If you look who writes it, it's MicrosoftEdge.exe and it's read by MicrosoftEdgeCP.exe and MicrosoftEdge.exe.



    Did adding the site to the trusted or intranet zone help as it did in my test?

    Regards,
    Jak

Children