Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 11 replies
  • Answers 1 answer
  • Subscribers 41 subscribers
  • Views 9444 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

web exceptions not working

chanklish

Hello 

i have 3 XG sophos and the web exceptions is not working on any of them 

per example : ^([A-Za-z0-9.-]*\.)?login.superservice\.com/?  wont open the page

if i go to on a non firewall pc it works but not on xg

 

same for web.powertrackafrica.com , i have to open everything for it to work 

 

what should i do , i need specific websites only to work for everyone 



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Mitko

    Hi,

    I just tried the login to the site and did not require an exception.

    What web and application policies are you using that cause the site to require an exception?

    When to try to login what does the log viewer -> web show as the failing reason?

    Ian

    XG115W - v20.0.1 MR-1 - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    i want to block all internet for certain people except this website 

    nothing is shown on the logs 

    support is working remotely to verify

     

  • 0 in reply to Mitko

    same ..website doesnt open

  • 0 in reply to chanklish

    Traffic can be blocked by IPS and Application control.

    Did you check their logs?

  • 0 in reply to Mitko

    according to support : The web exceptions would only for for web filter module. As firewall would have a higher priority over web filter the traffic will no go to the web component. In this setup you have two options. 1) create a FQDN for selected sites or 2) set the firewall rule 1 as allow and use web filter Deny All. Then the policy of web exceptions would work. Also set application filter while using option 2 to block applications so they would not use a tool to bypass the firewall. In your setup I would advise option 1 as list of allowed websites is limited.

     

    So if u want to allow some websites for all or several folks only you have to create a firewall rule with destination the fqdn of the sites you want

     

    had to check with google network debugger to allow all the fqdn needed and it works - but i still believe the exception should be prior to firewall 

Unfiltered HTML