This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can not access a particular https site

Hi,

I was able to access this particular site (https://sls.ncsl.com.pg/Account/Login) a month ago but now I can not access it at all. I can access it outside our company LAN network but can't access is behind the SG 310 firewall appliance.

Have not done any changes (updates,DNAT,etc) to the firewall since I am bit new to Sophos SG 310 Forewall appliance. We have transparent mode enabled.

Can be able to access other sites (Both http and https). I have added the site into website list in filtering option tab but still the same issue.

I urgently need help to resolve it so my stuffs can access.

thanks



This thread was automatically locked due to age.
  • Have you checked your logs?  Web Protection log?  What happens when you try to go there?  Are you watching the log file try to access it at the same time? 

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • I have checked the logs and nothing logged. Also Tried accessing it and viewed the web filtering live logs but nothing was captured simultaneously.

  • So are you getting any kind of time out page?  Can you ping the host?

    I can get to that site, but it takes me quite a while for it to load.  You might be experiencing that on another level of waiting period than I am.  It is remarkably slow for me.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Yes I can ping the host. When I try to access the site it takes too long and comes back with "the site cant be reached..site takes too long to respond".

    Usually it does not take too long. It come up with in 2mins or so.

  • Try testing with HTTPS inspection enabled, as it gives you much better detail and it gives you results in real-time.   Without inspection, UTM creates a single log entry when the session ends.   You are probably not seeing the entry because you are watching for it to appear when the end-of-session had not yet been detected.

    Also check the IPS logs.   An IPS block will produce a timeout symptom.

    When using the live log, be sure that the filter is based on the source IP address, not the target URL.   Most large websites include content from many different sources, so a filter based on the destination address will omit critical infomation.

     

  • Hi,

    did you already tried the URL with the Policy Test?

    Regards

    Martin

  • I ran into a very similar situation across all three of my UTMs where I couldn't access a random selection of HTTPS websites despite not changing my configuration. The websites that were failing weren't the same between the UTMs, but they all showed the same behavior of not being able to load the website but I could still ping them. The only way I could fix the problem was by resetting each UTM to factory default and reconfigure them from scratch.

  • What did you do to resolve this Dominic?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA