Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Stop! This website is blocked

Hello everyone, 

Recently i noticed a bunch of tickets regarding the following.

i want to go on facebook, but facebook is blocked.

instead of the blocked page i get Error code: SEC_ERROR_UNKNOWN_ISSUER(firefox) or NET::ERR_CERT_AUTHORITY_INVALID(chrome)

it works fine if i install the sophos certificate.

I understand that the certificate must be pushed to end devices,  however i can not ask guest users to install the sophos certificate. 

I also understand that that this can be secured with a public cert.

This seems so random, as for some customers works just fine, but for others not.


I can not ask 200+ customers to buy a certificate to display a blocked page on guest networks. 

Can anyone advise?

Kind regards,

Dragos



This thread was automatically locked due to age.
Parents
  • Hello Dragon,

    If you want to use facebook.com website then you have to check that in which category this URL belongs to by selecting option (URL category lookup) in Diagnostics .

    Also you will have to create a web policy to access website which you want by selecting particular users or network.

    I hope this will help you !

    Kind regards,

    Vaibhav 

  • Hi,

    I dont want to access facebook. i want to see the blocked page instead of a certtificate error

  • Please make up your mind, original post says you want to go to facebook, the next reply says you don’t.

    if you are seeing a certificate error means you have your security wrong, if you want to block Facebook you need a rule that blocks access at network level eg Facebook fqdn in destination network in a block firewall rule at the top of your list.

    ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • Please make up your mind, original post says you want to go to facebook, the next reply says you don’t.

    if you are seeing a certificate error means you have your security wrong, if you want to block Facebook you need a rule that blocks access at network level eg Facebook fqdn in destination network in a block firewall rule at the top of your list.

    ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Children
No Data