Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 7559 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filter Profile with Endpoint protection not working well

ShlomiSherman

Hello,

I have a sophos with 2 Ethernet legs, one connected to a bridged modem, and the other to the LAN (there is no domain),

I have a test vm computer on ESXi (sophos is on ESXi too), a Desktop and a laptop (that belongs to my partner).

I have created a test profile that blocks weapons sites (using sophos's web protection test site),

 

I want to create a web profile with specific computer groups to block them from entering certain sites, but to have all other computer groups free access.

the problem is, when i activate the profile, all of my computers are affected (i installed the AV in the desktop with disabling the web protection)



This thread was automatically locked due to age.
  • 0

    If I understand correctly, your configuration should work as you want if you delete "Internal (Network)" from 'Allowed Networks' in the Profile.  Did that help?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thank you for replying BAlfson,

    but when i remove the internal network from allowed networks, the profile does not work at all, if i do add the internal network, then it all starts to act really weird, like getting certificate errors (or insecure connection in firefox) and having all of the computers in the network get affected from the testing group (which has 1 computer)

  • +1 in reply to ShlomiSherman

    That should have worked.  Please get a ticket open with Sophos Support and then let us know what actions others need to take to get fixed.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thank you for replying BAlfson, but i have the free sophos product, I don't believe i can open a ticket with Sophos Support...

  • 0

    Hi,

    What block message do you get when all the computers are affected?

    Can you show us screenshot of each page of configuration?

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    hello sachingurung , thank you for replying.

    I will be happy to give as much screenshots as needed 

     

    Web Filtering:

    Test Filter Action:

    Profile:

    Errors I get when entering with a computer who is not in the allowed endpoint groups

    trying to get into youtube:

     

  • 0 in reply to ShlomiSherman

    Hi,

    The block message shows that the website is blocked under Entertainment category for which the action is blocked in the test filter you configured in the 2nd screenshot. You can always verify that which profile/action block the website through Policy Test option available in the Web Protection tab. The last error screenshot says that you don't have the appliance Certificate installed as the trusted root CA, you can find the CA available in the certificate management option.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • +1 in reply to sachingurung

    Hi,

    by the love of me... i have no idea what happened that it's now working [^o)]

    same thing happened with the RDP subject.... (made 0 changes, now it's working...)

     

     

    P.S.

    well, i did remove the Internal network from allowed network according to BAlfson .... but i did that as well before...

    so marking BAlfson answer as right (probably i might have made a mistake somewhere)

Unfiltered HTML