Web Filtering does not work

Hi everybody!

I am trying to get web filtering on a SG230 firmware version 9.508-10 running but am not successfull.

For testing purposes I created a filter policy for just one host. Filter action is block nudity. The policy test tool suggests that I did configure it right because testing http://www.sophos.com/ gives “Allowed” as result and testing http://www.sex.com gives “Blocked” as result.

On the appropriate host I use Internet Explorer 11. LAN Settings in Internet Explorer are set to “Automatically detect settings”
When operation mode is “Standard mode” the host can browse http://www.sophos.com/ which is obviously ok.
The same is true when browsing http://www.sex.com/ which should be blocked.
When operation mode is “Transparent mode” the host can not browse to any website
When operation mode is “Transparent mode” and the host tries to browse http://www.sex.com/ it gets a “Content blocked” page from the SG230 which is obviously ok

Disabling “Automatically detect settings” in the browser does not change anything.

So what am I missing or where could I do further investigations?
The Web Filtering Access live log only shows the blocks it did when I browsed to http://www.sex.com getting the “Content blocked” page.

Any help will be appreciated

Thanx in advance

Martin

  • Web Filtering works very well.   Your title should have been "I don't know how to make web filtering work."   I have my issues with Sophos and UTM, but I get a defensive when you post a headline that misrepresents the product.

    Please read the material in the Wiki, and the Web Filtering lessons learned document.   It sounds like you tried to do Standard Mode without configuring a standard mode script, and as a result, nothing was configured.

  • Servus Martin and welcome to the UTM Community!

    Never select 'Automatically detect settings' in your browser when using the UTM as a proxy.  If Web Filtering is in Standard mode, use an FQDN as the 'Address' in [LAN Settings].  If in Transparent mode, do not select 'Use a proxy server ...' in [LAN Settings].

    You will want to read and come back to the entries DouglasFoster recommends.  Also, you might be interested in a document I maintain that I make available to members of the UTM Community, "Configure HTTP Proxy for a Network of Guests."  If you would like me to send you this document, PM me your email address.  Ich behaupte auch eine deutsche Version, die ursprünglich vom Mitglieder hallowach übersetzt wurde, als wir zusammen im Jahre 2013 eine große Revision machten.

    Cheers - Bob