Download von Excel-Dateien aus Internet nicht möglich

Hallo zusammen,

wir haben hier in der Firma eine Sophos UTM9 SG230 bei der wir seit 2-3 Wochen das Problem haben, aus dem B2B-Portal eines unserer Kunden keine Excel-Dateien mehr downloaden können.

PDF's, Word-Dateien, Zeichnungsdateien alles kein Problem. Aber bei Excel-Dateien bringen die Browser immer das Fenster, dass man sich mit dem Domain-User am Proxy authentifizieren muss. Nur wenn man hier die Login-Daten eingibt passiert nichts weiter, außer dass ständig diese Eingabemaske aufgeht und man den Login eintippen muss.

 

Zum Testen haben wir noch einen separaten DSL-Anschluss, der nicht über die UTM9 läuft.

Wenn man sich über diesen DSL-Anschluss im B2B Portal anmeldet, kann man die Datei problemlos herunterladen.

 

Testweise habe ich die komplette Ziel-Domain über "Web-Protection" - "Filteroptionen" - "Ausnahmen" auf die Ausnahmeliste gesetzt, aber der Download von Excel-Dateien funktioniert trotzdem nicht.

 

Ich bin über jeden Hinweis, der mir weiterhilft, dankbar.

  • Wie sieht die Ausnahme denn aus?

    Kannst Du Exceldokumente herunterladen mit rechter Maustaste -> Ziel speichern unter?

  • In reply to ThorstenSult:

    In der Ausnahmeliste wurden alle Optionen zum Auslassen des Scans angehakt und bei Ziel-Domain ist folgendes hinterlegt: https://dms.***.com, gleiches gilt für https://b2b.***.com, das b2b-Portal war aber bereits eingetragen.

    Die Sternchen stehen für die Kundendomain, wurden hier nur anonymisiert.

     

    Auch die Variante über Rechtsklick --> Speichern unter verhält sich genau so.

  • In reply to Florian Weidner:

    Trag das mal als regulären Ausdruck ein. Beispiel:^https?://([A-Za-z0-9.-]+\.)?domain\.de/

     

    und lasse die Authentifizierung aus.

  • In reply to ThorstenSult:

    Authentifizierung ist aus und die URL als RegEx eingetragen, leider immer noch keine Besserung.
    Komischerweise taucht immer noch die Eingabemaske für die Login-Daten auf.

     

    Was ich gerade noch zusätzlich getestet habe:
    wenn man den Link zur Excel-Datei aus der E-Mail das erste mal anklickt, taucht das Login-Fenster (im Hintergrund) auf. Klickt man dieses weg, lässt die Webseite aber offen und klickt den Link erneut an, wird die Excel-Datei geöffnet.

  • In reply to Florian Weidner:

    Scheint irgendwie merkwürdig. Nutzt Du den Webfilter AD-gesteuert? Lösch doch mal den Authentifizierungscache und starte den Webfilter auch nochmal neu.

     

    Nachtrag: Poste mal bitte Auszüge aus dem Livelog, wenn es zu dem Fehler kommt.

  • In reply to ThorstenSult:

    Ja der Webfilter ist AD-gesteuert. Den Authentifizierungscache habe ich gelöscht und den Webfilter neu gestartet.

    Anschließend habe ich nochmals Versucht mit dem User die Excel-Datei herunterzuladen, hier das verkürzte Livelog (gefiltert nach seiner IP) dazu:

    Astaro_Excel.txt
    2018:12:07-08:19:18 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xf3cb800" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="75" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:18 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xf3cb800" url="https://dms.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="76" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:19 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdae74400" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="95" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:19 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdae74400" url="https://dms.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="83" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:24 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="16364" request="0xf3cb800" url="https://dms.***.com/" referer="" error="" authtime="60" dnstime="2" cattime="0" avscantime="0" fullreqtime="5525752" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:29 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd7243600" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="74" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:29 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd7243600" url="https://dms.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="78" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:29 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="5297" request="0xd7243600" url="https://dms.***.com/" referer="" error="" authtime="35" dnstime="2" cattime="0" avscantime="0" fullreqtime="184975" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size" application="office" app-id="1156"
    
    2018:12:07-08:19:29 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdae72000" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="91" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:29 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdae72000" url="https://dms.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="74" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="5329" request="0xdae72000" url="https://dms.***.com/" referer="" error="" authtime="35" dnstime="13" cattime="0" avscantime="0" fullreqtime="189064" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size" application="office" app-id="1156"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdb02e600" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="103" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdb02e600" url="https://dms.***.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="144" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="5329" request="0xdb02e600" url="https://dms.***.com/" referer="" error="" authtime="44" dnstime="2" cattime="0" avscantime="0" fullreqtime="183959" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size" application="office" app-id="1156"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd616cc00" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="93" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd738ca00" url="https://dms.***.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="90" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="10589" request="0xd7302c00" url="https://r20swj13mr.microsoft.com/" referer="" error="" authtime="31" dnstime="216" cattime="43877" avscantime="0" fullreqtime="118320098" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,fileextension" category="105" reputation="trusted" categoryname="Business" application="micrsoft" app-id="1151"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="10486" request="0xd6505e00" url="https://iecvlist.microsoft.com/" referer="" error="" authtime="55" dnstime="1" cattime="59" avscantime="0" fullreqtime="118321433" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,fileextension" category="105" reputation="trusted" categoryname="Business" application="micrsoft" app-id="1151"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="10358" request="0xd73c9600" url="https://iecvlist.microsoft.com/" referer="" error="" authtime="39" dnstime="2" cattime="70" avscantime="0" fullreqtime="118333365" device="0" auth="2" ua="" exceptions="av,sandbox,fileextension" category="105" reputation="trusted" categoryname="Business" application="micrsoft" app-id="1151"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdad6aa00" url="https://b2b-sso.***.com/" referer="" error="" authtime="7" dnstime="0" cattime="0" avscantime="0" fullreqtime="106" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="127" request="0xdad6aa00" url="https://b2b-sso.***.com/" referer="" error="" authtime="37" dnstime="2" cattime="0" avscantime="0" fullreqtime="73630" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xcd05b000" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="82" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd6506400" url="https://b2b-sso.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="75" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xd6506400" url="https://b2b-sso.***.com/" referer="" error="" authtime="36" dnstime="12" cattime="0" avscantime="0" fullreqtime="73669" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xf3cb800" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="85" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xf369800" url="https://b2b-sso.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="75" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xf369800" url="https://b2b-sso.***.com/" referer="" error="" authtime="34" dnstime="2" cattime="0" avscantime="0" fullreqtime="72426" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdac51000" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="79" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdac50a00" url="https://b2b-sso.***.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="75" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xdac50a00" url="https://b2b-sso.***.com/" referer="" error="" authtime="39" dnstime="12" cattime="0" avscantime="0" fullreqtime="73781" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdae75600" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="77" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:30 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xcd062c00" url="https://b2b-sso.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="79" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:31 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xcd062c00" url="https://b2b-sso.***.com/" referer="" error="" authtime="59" dnstime="2" cattime="0" avscantime="0" fullreqtime="73334" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:31 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xf36aa00" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="82" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:31 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd6505e00" url="https://b2b-sso.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="75" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:31 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="m.goepfert" group="" ad_domain="RFPGMBH" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd7302c00" url="https://b2b-sso.***.com/" referer="" error="" authtime="36" dnstime="0" cattime="0" avscantime="0" fullreqtime="7387" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:34 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="557231" request="0xdae74400" url="https://dms.***.com/" referer="" error="" authtime="39" dnstime="2" cattime="0" avscantime="0" fullreqtime="15455429" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:35 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="4784" request="0xd738ca00" url="https://dms.***.com/" referer="" error="" authtime="37" dnstime="2" cattime="0" avscantime="0" fullreqtime="5180141" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdae72000" url="https://b2b-sso.***.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="117" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xdae72000" url="https://b2b-sso.***.com/" referer="" error="" authtime="54" dnstime="2" cattime="0" avscantime="0" fullreqtime="77102" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xcd05aa00" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="96" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xcd203800" url="https://b2b-sso.***.com/" referer="" error="" authtime="7" dnstime="0" cattime="0" avscantime="0" fullreqtime="73" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xcd203800" url="https://b2b-sso.***.com/" referer="" error="" authtime="37" dnstime="2" cattime="0" avscantime="0" fullreqtime="73988" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd616cc00" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="114" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd738ca00" url="https://b2b-sso.***.com/" referer="" error="" authtime="9" dnstime="0" cattime="0" avscantime="0" fullreqtime="122" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xd738ca00" url="https://b2b-sso.***.com/" referer="" error="" authtime="92" dnstime="3" cattime="0" avscantime="0" fullreqtime="73234" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdad6aa00" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="98" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd6506400" url="https://b2b-sso.***.com/" referer="" error="" authtime="7" dnstime="0" cattime="0" avscantime="0" fullreqtime="102" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xd6506400" url="https://b2b-sso.***.com/" referer="" error="" authtime="42" dnstime="2" cattime="0" avscantime="0" fullreqtime="73992" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd7302c00" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="100" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xcd065000" url="https://b2b-sso.***.com/" referer="" error="" authtime="7" dnstime="0" cattime="0" avscantime="0" fullreqtime="114" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xcd065000" url="https://b2b-sso.***.com/" referer="" error="" authtime="44" dnstime="2" cattime="0" avscantime="0" fullreqtime="74541" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xa620400" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="108" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:19:52 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdafaec00" url="https://b2b-sso.***.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="115" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:20:02 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="m.goepfert" group="" ad_domain="RFPGMBH" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd7183200" url="https://b2b-sso.***.com/" referer="" error="" authtime="38" dnstime="0" cattime="0" avscantime="0" fullreqtime="6660" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:20:10 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="5096" request="0xd5f55e00" url="https://adservice.google.de/" referer="" error="" authtime="39" dnstime="50518" cattime="106" avscantime="0" fullreqtime="117694936" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="" category="145" reputation="trusted" categoryname="Search Engines" application="google" app-id="182"
    2018:12:07-08:20:10 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="53994" request="0xcd065600" url="https://www.gstatic.com/" referer="" error="" authtime="35" dnstime="25251" cattime="91" avscantime="0" fullreqtime="117889574" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="" category="177" reputation="trusted" categoryname="Content Server" application="google" app-id="182"
    2018:12:07-08:20:10 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="176518" request="0xcd205000" url="https://www.google.de/" referer="" error="" authtime="36" dnstime="2" cattime="82" avscantime="0" fullreqtime="118514899" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="" category="145" reputation="neutral" categoryname="Search Engines" application="google" app-id="182"
    2018:12:07-08:20:10 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="80659" request="0xa0e0000" url="https://www.google.de/" referer="" error="" authtime="36" dnstime="2" cattime="110" avscantime="0" fullreqtime="119762829" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="" category="145" reputation="neutral" categoryname="Search Engines" application="google" app-id="182"
    2018:12:07-08:20:10 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="12185" request="0xd6333800" url="https://ssl.gstatic.com/" referer="" error="" authtime="36" dnstime="26001" cattime="142" avscantime="0" fullreqtime="119098839" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="" category="177" reputation="neutral" categoryname="Content Server" application="google" app-id="182"
    
    2018:12:07-08:20:23 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xcd203800" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="80" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:23 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xcd203800" url="https://dms.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="99" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:20:23 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd616cc00" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="98" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:23 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd616cc00" url="https://dms.***.com/" referer="" error="" authtime="7" dnstime="0" cattime="0" avscantime="0" fullreqtime="84" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:20:30 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="19795" request="0xcd203800" url="https://dms.***.com/" referer="" error="" authtime="37" dnstime="2" cattime="0" avscantime="0" fullreqtime="6831430" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:20:31 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd6507000" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="98" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:31 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd6507000" url="https://dms.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="101" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:31 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="5297" request="0xd6507000" url="https://dms.***.com/" referer="" error="" authtime="36" dnstime="2" cattime="0" avscantime="0" fullreqtime="199925" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size" application="office" app-id="1156"
    2018:12:07-08:20:31 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd738ca00" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="96" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:31 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd738ca00" url="https://dms.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="80" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="1898" request="0xd738ca00" url="https://dms.***.com/" referer="" error="" authtime="37" dnstime="2" cattime="0" avscantime="0" fullreqtime="123147" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size" application="office" app-id="1156"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdad6aa00" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="90" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdad6aa00" url="https://dms.***.com/" referer="" error="" authtime="7" dnstime="0" cattime="0" avscantime="0" fullreqtime="79" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="5329" request="0xdad6aa00" url="https://dms.***.com/" referer="" error="" authtime="36" dnstime="2" cattime="0" avscantime="0" fullreqtime="194300" device="0" auth="2" ua="Microsoft Office Protocol Discovery" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size" application="office" app-id="1156"
    
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd6504c00" url="https://dms.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="84" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd73c6000" url="https://dms.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="71" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd73c8a00" url="https://b2b-sso.***.com/" referer="" error="" authtime="7" dnstime="0" cattime="0" avscantime="0" fullreqtime="105" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="127" request="0xd73c8a00" url="https://b2b-sso.***.com/" referer="" error="" authtime="36" dnstime="13" cattime="0" avscantime="0" fullreqtime="74878" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xcd065600" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="76" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd6335600" url="https://b2b-sso.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="77" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xd6335600" url="https://b2b-sso.***.com/" referer="" error="" authtime="34" dnstime="2" cattime="0" avscantime="0" fullreqtime="73011" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xdacb2600" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="74" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd7302c00" url="https://b2b-sso.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="76" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xd7302c00" url="https://b2b-sso.***.com/" referer="" error="" authtime="35" dnstime="2" cattime="0" avscantime="0" fullreqtime="73460" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xcd065000" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="83" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd65cd600" url="https://b2b-sso.***.com/" referer="" error="" authtime="5" dnstime="0" cattime="0" avscantime="0" fullreqtime="69" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xd65cd600" url="https://b2b-sso.***.com/" referer="" error="" authtime="32" dnstime="2" cattime="0" avscantime="0" fullreqtime="74385" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd6238a00" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="76" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd61e3000" url="https://b2b-sso.***.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="73" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:32 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="58" request="0xd61e3000" url="https://b2b-sso.***.com/" referer="" error="" authtime="59" dnstime="2" cattime="0" avscantime="0" fullreqtime="76106" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:33 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd5f54c00" url="https://b2b-sso.***.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="92" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:33 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd5f55e00" url="https://b2b-sso.***.com/" referer="" error="" authtime="7" dnstime="0" cattime="0" avscantime="0" fullreqtime="93" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    2018:12:07-08:20:33 astaro httpproxy[27212]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="" user="m.goepfert" group="" ad_domain="RFPGMBH" statuscode="407" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction=" ()" size="2531" request="0xd623fe00" url="https://b2b-sso.***.com/" referer="" error="" authtime="36" dnstime="0" cattime="0" avscantime="0" fullreqtime="6609" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:20:33 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="10358" request="0xcd204400" url="https://iecvlist.microsoft.com/" referer="" error="" authtime="39" dnstime="2" cattime="126" avscantime="0" fullreqtime="180551983" device="0" auth="2" ua="" exceptions="av,sandbox,fileextension" category="105" reputation="trusted" categoryname="Business" application="micrsoft" app-id="1151"
    
    2018:12:07-08:20:36 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="557231" request="0xd616cc00" url="https://dms.***.com/" referer="" error="" authtime="37" dnstime="3" cattime="0" avscantime="0" fullreqtime="12798267" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    2018:12:07-08:20:37 astaro httpproxy[27212]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.68.2.157" dstip="***.***.***.***" user="m.goepfert" group="Internet-Vollzugriff" ad_domain="RFPGMBH" statuscode="200" cached="0" profile="REF_HttProMartinprd (Martin-PRD)" filteraction="REF_HttCffInternetvo (Internet-Vollzugriff)" size="4784" request="0xd73c6000" url="https://dms.***.com/" referer="" error="" authtime="36" dnstime="2" cattime="0" avscantime="0" fullreqtime="5184570" device="0" auth="2" ua="" exceptions="av,sandbox,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
    
    

  • In reply to Florian Weidner:

    Mhh, im Log scheint nichts Auffälliges zu sein.

     

    Wenn Du den Webfilter mal komplett deaktivierst bei temporärer Freischaltung von Websurfing in den Firewallregeln? Was passiert dann?

  • In reply to ThorstenSult:

    Ich hab den entsprechenden PC für "Websurfing" in den Firewallregeln freigeschalten. Leider ohne Besserung.

    Anschließend zusätzlich noch den Webfilter kurzzeitig komplett deaktiviert. Da konnte er dann auf gar keine Webseite mehr zugreifen.
    Das liegt vermutlich da dran, dass die Astaro als Proxy im System eingetragen ist und diese aber jetzt nicht mehr antwortet, wenn der Webfilter deaktiviert ist oder?

     

    Ich wollte das jetzt nicht all zu lange deaktiviert lassen, nicht dass es Probleme bei anderen Systemen und Servern mit der Verbindung gibt.
    Noch irgendwelche Ideen, an was das liegen könnte.

  • In reply to Florian Weidner:

    Achso, Standardmodus und nicht transparent?

     

    Dann schmeiß doch die Proxyeinstellungen im System vorübergehend raus, damit der Client am Proxy vorbei geht.

  • In reply to ThorstenSult:

    Kann auch sein, wenn Du sowas wie Sharepoint im Unternehmen hast, dass Du den Proxy für lokale Adressen umgehen musst.

     

  • In reply to Florian Weidner:

    Hallo Florian,

    Erstmal herzlich willkommen hier in der Community !

    (Sorry, my German-speaking brain isn't creating thoughts at the moment. Sad)

    You've made some assumptions that are incorrect.  Start by studying the Proxy Concepts and Proxy Bypass sections of Securing and Configuring Web Filtering.  To understand why your manual firewall rule had no effect, study #2 in Rulz.

    In the logs you've shown, statuscode="407" means that the user is not allowed to access that URL.  It sounds like you're experiencing authentication failure in some cases.  Just as a prophylactic measure, un-join the UTM from your domain by using incorrect credentials for joining in WebAdmin and then re-join by using good credentials.  Review Configuring HTTP/S proxy access with AD SSO, paying special attention to the admonition to use an FQDN instead of a numeric IP for the Proxy server in browsers.

    MfG - Bob (Bitte auf Deutsch weiterhin.)

  • First, verify that all of the traffic flows through the webfilter

    • Does the BB run on HTTP or HTTPS or FTP?
    • Does it use the standard ports (80, 443, 21) or non-standard ports?
    • If FTP, how are you filtering FTP.  There are three options: Standard Web, Standard FTP, or Transparent FTP?
    • Does the BB require a login?   If so, do the login and the download use the same port or different ports?

    Second, you should always check the IPS log to see if something in the Excel file is causing an alarm.

    However, I am guessing that:

    • You are using Standard Web Proxy, which supports HTTP, HTTPS, and FTP.
    • You are using Active Directory Single Sign On (which requires NTLM information passed by the browser)
    • The BB uses FTP
    • The user is downloading with Chrome

    This combination causes authentication problems, because Chrome does not pass NTLM information that UTM can use.   

    You can solve the problem by:

    • Using IE as your browser, or
    • Creating an exception to not require authentication for ^ftp:// sites.

    I do not know why you only have the problem with Excel files.