dell sonicwall netextender client being blocked by web security

My UTM is preventing me from using my NetExtender client to VPN to my work's sonicwall.  I get the following messages in the web filtering log:

2017:08:31-06:55:42 utm httpproxy[2124]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="172.16.28.100" dstip="12.155.111.130" user="" group="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProContaInterAp (Steiners)" filteraction="REF_HttCffKids2 (Kids)" size="12288" request="0xbfc67800" url="x.x.x.x/.../sslvpnclient referer="localhost/.../welcome" error="Connection reset by peer" authtime="0" dnstime="10" cattime="224" avscantime="0" fullreqtime="248778" device="0" auth="0" ua="SonicWALL NetExtender for Windows 8.6.256 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1)" exceptions="" country="United States" category="9998" reputation="unverified" categoryname="Uncategorized" country="United States"
2017:08:31-06:55:57 utm httpproxy[2124]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="172.16.28.100" dstip="12.155.111.130" user="" group="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProContaInterAp (Steiners)" filteraction="REF_HttCffKids2 (Kids)" size="16384" request="0xe4e8a000" url="x.x.x.x/.../userLogout" referer="localhost/.../welcome" error="Connection reset by peer" authtime="0" dnstime="4" cattime="320" avscantime="0" fullreqtime="274958" device="0" auth="0" ua="SonicWALL NetExtender for Windows 8.6.256 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1)" exceptions="" country="United States" category="9998" reputation="unverified" categoryname="Uncategorized" country="United States"

 

If I turn off the Steiners profile, I can connect with no problem.  I've tried adding this ip as a trusted website, adding the "SonicWALL NetExtender for Windows 8.6.256 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1)" as a trusted application, but cannot get this to work.  Any ideas would be much appreciated.  Thank you in advance.

  • Standard or Transparent proxy?  Https inspection on or off?  My guess is that you eill have to configure proxy bypass (transparent mode skiplkist or proxy script Direct mode

  • error="Connection reset by peer"

     

    For some reason the sonicwall is dropping the connection.  Some systems get very finicky about exactly what they expect to see.  Best thing would to use an exception, and if that fails, the skiplist.

  • Hi, Patrick, and welcome to the UTM Community!

    As Michael said, try an Exception for Antivirus.  If that doesn't work, assuming you're in Transparent mode, you'll need to use the Transparent Mode Skiplist on the 'Misc' tab of 'Filtering Options'.

    Cheers - Bob

  • In reply to DouglasFoster:

    Transparent proxy, https inspection is on.  I have tried both an exception and a skiplist with no success.

  • In reply to PatrickSteiner:

    If you're still seeing the traffic in the Web Filtering log after configuring the Skiplist, you have a problem there.  Show us a picture of the Skiplist and of the definition open in Edit with 'Advanced' also visible.

    Cheers - Bob

  • In reply to BAlfson:

    Thanks for the input Bob.  Here the picture your requested:

  • In reply to PatrickSteiner:

    Get ready for a face-palm, Patrick. Big Smile

    '

    '

    '

    '

    '

    Wait for it...

    '

    '

    '

    '

    '

    '

    '

    '

    '

    '

    '

    Put that definition in the 'Destination' box, not the 'Source' box.

    Cheers - Bob

  • In reply to BAlfson:

    DOH!  Blushing now.....put it in the destination box, and automagically everything is working!  Thank you for your persistence!