Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 39 subscribers
  • Views 26825 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to Disable Virus Scans and Content Filtering for Streaming URLs Like Hulu, Netflix Just for the Devices Like Roku, Apple TV, FireTV

TalaRyu

Changed form UTM 9 to XG firewall and have to get used to the menu system and layout.  I am trying to get Hulu to steam to my Roku.  But when the Roku calls for the stream it starts to load and drops out.  The Web filter log viewer shows it is allowed.  On my UTM 9 I had to make an exception for the URL and disable the antivirus and web contend filtering, and SSL validation.  How can I do this with the XG Firewall?



Edited Tags
[edited by: Erick Jan at 11:21 PM (GMT -7) on 15 Sep 2022]
  • 0
    Hi Tala,
    have you tried to create a Web Content Filter Bypass under Protection > Web Protection > Http Scanning Rules?
    Luk
  • 0 in reply to lferrara

    Yes. I added two with the Source IP Address *, and Destination IP Address *, One is "^https?://[A-Za-z0-9.-]+\.hulu\.com" the other is "^https?://[A-Za-z0-9.-]+\.huluim\.com" both with the Action set to Bypass. The only way I can get it to work so far is to turn off the Malware Scanning for HTTP under the Policies tab and edit my only #Default_Network_Policy.

  • 0
    There seems to be a bug in web filters using HTTP bypass regex rules. I had to disable web filters altogether, see other thread "Streaming services blocked" for my fix.
  • 0

    I did a work around by creating a Network Policy above my default policy so that Scanning and Web filtering can remain on the the rest of my network.

    The in new policy is set up with a new network for that has the static IP of my Roku as the Source Network, and with Services to Allow HTTP and HTTPS, and the Malware Scanning for HTTP OFF and HTTPS OFF, the Web Filtering set to None

      *Make sure the Match rule based on user identity is turned off if you what to make it a network policy and not a user one, especially if you don't have users setup.. X-|

  • 0 in reply to lferrara
    Can you provide the details to the bypass you are recommending? From what I've read here and elsewhere, Sophos and Hulu/Netflix are not compatible. At least if you plan to use the web filtering options in Sophos XG.
Unfiltered HTML