Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 42 subscribers
  • Views 3490 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

an web link is blocked by Sophos XG, even I remove the web policy

changqing li

 

I set up an Sophos XG as web proxy on customer network,   today an end user told me that he cannot open one importent link,  there is a error page show up after customer click the link,  it shows that Sophos block the website,    below is the website,  it can be opened by internet,  but cannot open in customer network.

http://www.windmann-catering.de/webservice/index.php?accessid=d283e4d1c7364851e62b7858faae0fbb

I think it should be web policy problem  , then I remove the policy as none,   but the site is still blocked,

 

then I remove the application control, IPS and scan http,   but the site is still blocked.   I am totally confused,  now I have only firewall rules,  all other web protection already removed,  why the website is still blocked?   who can help me to solve this problem,  thanks.



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to lferrara

    If you hit F12 and look at the traffic.  It gets the initial page which contains only an iframe, loading data from an IP address using port 81.

    http://80.147.112.51:81/speiseplan/sites/basic.php?accessid=d283e4d1c7364851e62b7858faae0fbb

     

    If you are using transparent mode:

    In 17.5 you need to make sure that port 81 is allowed by your firewall rule.  It will not go through any web filtering.

    In 18.0 you need to make sure that port 81 is allowed by your firewall rule.  It will be scanned by DPI mode.

     

    If you are using standard mode:

    Web > General Settings > Allowed Destination Ports.

    Add port 81 there.

     

    The block page is a generic one that just gives the category, it doesn't have the underlying problem.

  • 0 in reply to Michael Dunn

    Hallo,

    thanks for your information,  I added the port 81 on allowed destination ports,  the error has been changed from block site to "cannot access site",   the problem is still there,   I cannot open this link via Sophos XG,    there is only one standard firewall rules as web proxy on Sophos XG,  how to solve this problem?

     

     

Unfiltered HTML