Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 23934 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Loxone webinterface and websocket

traxxus

Hi

I am using the transparent webproxy with Sophos UTM 9.3.

When i try to access an Loxone(1) webinterface (Port 80) i can open the page and type in the credentials, but login is not possible.

Chrome debug says: 

WebSocket connection to 'ws://xxx.xxx.xxx.xxx/ws/' failed: Error during WebSocket handshake: Unexpected response code: 400

There are no errors or blocked pages in the proxy log. It just don't work.

Disabling the web proxy is the only cure. So i think it's an bug in the UTM web proxy. I can't contact the support, because i am an home user.

If an Sophos employee or forum mod want to test this for debugging, send me an PM/email so i can send you the website with the credentials.

(1) Loxone is an self hosted home automation server.



This thread was automatically locked due to age.
  • 0
    Please show the related line from the Web Filtering log file when this error occurs.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0

    2016:02:17-14:32:53 fw httpproxy[5679]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.200.61" dstip="xxx.xxx.xxx.xxx" user="" ad_domain="" statuscode="304" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x1532d000" url="xxx.xxx.xxx.xxx/Login.html" referer="" error="" authtime="0" dnstime="297" cattime="244" avscantime="0" fullreqtime="27658360" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" country="Germany"
    2016:02:17-14:32:53 fw httpproxy[5679]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.200.61" dstip="xxx.xxx.xxx.xxx" user="" ad_domain="" statuscode="304" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x1532d000" url="xxx.xxx.xxx.xxx/loxCSSCommon.css referer="xxx.xxx.xxx.xxx/Login.html" error="" authtime="0" dnstime="0" cattime="226" avscantime="0" fullreqtime="101528" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized"
    2016:02:17-14:32:53 fw httpproxy[5679]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.200.61" dstip="xxx.xxx.xxx.xxx" user="" ad_domain="" statuscode="304" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x1532f000" url="xxx.xxx.xxx.xxx/login.js referer="xxx.xxx.xxx.xxx/Login.html" error="" authtime="0" dnstime="324" cattime="153" avscantime="0" fullreqtime="35696748" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" country="Germany"
    2016:02:17-14:32:53 fw httpproxy[5679]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.200.61" dstip="xxx.xxx.xxx.xxx" user="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="24470" request="0x1532d000" url="xxx.xxx.xxx.xxx/favicon.ico" referer="xxx.xxx.xxx.xxx/Login.html" error="" authtime="0" dnstime="0" cattime="204" avscantime="0" fullreqtime="410623" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" content-type="text/plain"
    2016:02:17-14:32:56 fw httpproxy[5679]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.200.61" dstip="xxx.xxx.xxx.xxx" user="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="82" request="0x1532f000" url="xxx.xxx.xxx.xxx/.../mac" referer="xxx.xxx.xxx.xxx/Login.html" error="" authtime="0" dnstime="0" cattime="233" avscantime="0" fullreqtime="2814169" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" content-type="application/json"
    2016:02:17-14:33:02 fw httpproxy[5679]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.200.61" dstip="xxx.xxx.xxx.xxx" user="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="152" request="0x1532f000" url="xxx.xxx.xxx.xxx/.../getkey referer="xxx.xxx.xxx.xxx/Login.html" error="" authtime="0" dnstime="0" cattime="219" avscantime="0" fullreqtime="6143644" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" content-type="application/json"
    2016:02:17-14:33:02 fw httpproxy[5679]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.200.61" dstip="xxx.xxx.xxx.xxx" user="" ad_domain="" statuscode="400" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="92" request="0x1543d000" url="http://xxx.xxx.xxx.xxx/ws/" referer="" error="" authtime="0" dnstime="354" cattime="239" avscantime="0" fullreqtime="90128" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" country="Germany" content-type="text/html"

  • 0 in reply to traxxus
    statuscode="304" means there was a conditional GET and the server says the page is unchanged.

    statuscode="200" means the access was successful, but fullreqtime="6143644" is already an indication that the server doesn't like the Proxy.

    statuscode="400" means the server definitely doesn't like the Proxy.

    If an Exception for 'URL Filtering' and 'Anit-Virus scanning' doesn't resolve this, then you will need to add the dstip to the 'Transparent mode skiplist' (I'm guessing you're in that mode).

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Thank you for the answer. Your idea with the Transparent Mode Skiplist is the only working solution. (Exceptions don't work)
  • 0

    I have the same problem, just different server,  do you found a solution? 

    2017:08:10-23:53:22 utm httpproxy[7002]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.1.188" dstip="XXX.XXX.XXX.XXX" user="" group="" ad_domain="" statuscode="405" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="98" request="0x11847800" url="http://XXX.XXX.com/api/socket" referer="" error="" authtime="0" dnstime="35371" cattime="515" avscantime="8300" fullreqtime="150136" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" sandbox="-" content-type="text/xml"

    sophos UTM version: 9.502-4

  • 0 in reply to gustavojalbor

    This is more likely an error at XXX.XXX.com, Gustavo.  Here's what 405 means:

    405 Method Not Allowed

    A request was made of a resource using a request method not supported by that resource: for example, using GET on a form which requires data to be presented via POST, or using PUT on a read-only resource.

     

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML