"This site can’t be reached" error

Hi,

 

the Suntrust website (maybe some other) is not being reached through our Sophos Firewall. When I hotspot my phone to the computer, the website site loads fine.

 

I restored Sophos with a one-week old config file, but the problem still here. The firewall is configured to allow any external IP.

 

Any idea?

 

 

Thank you!

  • Hi again,
     
    Just an update to my program.
     
     
    this is the log of my access:
     
    2017:06:15-16:36:03 sterlingate httpproxy[21247]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.1.1.57" dstip="167.181.46.199" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Regular Users)" filteraction="REF_HttCffRegulUsers (Regular Users)" size="214" request="0x11d4d200" url="onlinebanking.suntrust.com/" referer="" error="" authtime="0" dnstime="13" cattime="0" avscantime="0" fullreqtime="35096" device="0" auth="0" ua="" exceptions="av,auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
     
    Looks like the same as the others, but for this, the page does not load.
     

    This site can’t be reached

    onlinebanking.suntrust.com unexpectedly closed the connection.

    Try:

    ERR_CONNECTION_CLOSED
  • In reply to Fabiano Melo:

    Hi, Fabiano, and welcome to the UTM Community!

    It doesn't look like anything in the UTM is causing that.  Try clearing your browser cache or another browser.  Any luck?

    Cheers - Bob
    PS Moving this thread to the Web Protection forum.

  • In reply to BAlfson:

    Hi BAlfson, good morning!

     

    Yes, I also did not believe was Sophos causing that, but I had no more options.

     

    That page was not loading in 3 computers inside our company (probably on all, but only 2 people and I need access to that website), plus in one remote computer using VPN and on my phone if I connected to the WiFi. Connecting these same computers to a mobile hotspot the page loads well.

     

    But, I just came to the work this Monday, and guess what was the first page that I tried to open? Yes, the SunTrust webpage. And the page is now loading fine, with any changes since past Friday. I have no idea what happened, but I'm happy with that! :)

     

    Anyway, thank you all so much for the help. This forum is awesome! I found a lot of ideas here!

     

    Have you all an excellent week!

  • In reply to Fabiano Melo:

    Okay,

     

    now I'm not happy anymore...

     

    Same error again. No changes were made since this morning. Tested on my computer, and on my phone using wifi. Works fine when connected to mobile data on the phone.

     

    It's so weird... :(

     

    This site can’t be reached

    sso.suntrust.com unexpectedly closed the connection.

    Try:

    ERR_CONNECTION_CLOSED
     
  • In reply to Fabiano Melo:

    Hi,

     

    just found a new website with the same problem: https://support.apple.com

     

    This one is also a https page, but not all https pages are having problem :/

     

    ####################

    UPDATE:

     

    Apple website is now working after enabling the option "Do not proxy HTTPS traffic in transparent mode" in Web Protection -> Web Filtering -> HTTPS

    SunTrust still not

  • In reply to Fabiano Melo:

    I would get a ticket open with Sophos Support, Fabiano.

    Cheers - Bob

  • In reply to Fabiano Melo:

    OMGosh, I've been having the same issue since last year after an update.  I'm a Home User and do not get support, so it doesn't leave me many options.

    If I turn off the Proxy (transparent or not) some websites cannot load and give SSL errors.  I have a single firewall rule going out that allows everything. Odd thing is, once I turn on the Transparent Proxy, the sites work.  However, the proxy causes issues with other sites and streaming. 

    With Proxy off, ALL security features turned off, and a single firewall rule --> The above Apple website, itunes will not connect, www.firstbankcard.com, www.mysynchrony.com, and a few others I can't remember right now.

    I've done a packet capture with WireShark and can see TCP resets coming from the firewall, but no idea what is causing them. Nothing gets logged to my Splunk instance either.

    I've been prowling the forums and trying everything I can find.  I even thought maybe I had malicious software on my PC and reloaded Windows, I've setup a new FW from scratch and have the same issues.  If Support helped you out, could you please share? 

     

    Thanks.

  • In reply to Brett Hansen:

    Hi, Brett, and welcome to the UTM Community!

    You might try #1 in Rulz.  (Also, for a more in-depth discussion of #2 through #4, see Doug Foster's READ ME FIRST: UTM Architecture.)

    Any luck with #1?

    Cheers - Bob