This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Firewall Blocking Page

Hi!

I am currently exploring Sophos based on my prior experience with it back in 2014. I am gradually migrating from my MikroTik setup to a Sophos Home Firewall, primarily due to its advanced security features.

I have set up Sophos Home Firewall on Protectli Vault Series mini-PC hardware, and it is functioning as expected. I have enabled Web, Application, Antivirus, and IPS filtering on my LAN-to-WAN firewall rules. Additionally, I have configured multiple WAN connections with SD-WAN for application-based rerouting, particularly for video and conference calls required for office work.

I have a question regarding the blocking page. Do I need to enable user authentication to display a more detailed blocking page that explains what content is being blocked and why? At present, the blocking page only shows the message: "Access Blocked: Policy block due to web category" (as seen in the left-side image).

How can I configure the blocking page to display the version shown on the right side?


Regards



This thread was automatically locked due to age.
  • Hi Kramnai,

    Thank you for reaching out to Sophos Community.

    Kindly check the following configuration via PROTECT>WEB>User Notification>Message for Block Action

    Also, see below post for additional reference

     Customizing Block Message for Web 

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

    • Hi Erick, 

      Thank you for your reply! I have already enabled the "Message for block" action, but it is still using the "Access Blocked: Policy Block" message (as seen in the image).

      I also tried it on different browsers, but the result remains the same.

      Here is my settings;

      • The block page that you are seeing is not generated by the Sophos Firewall.  Do you have an endpoint solution or something else that is also doing blocking, that is perhaps blocking earlier?

        Try this:  Make sure you can go to a website (eg poker.com).  Then change your web policy to block Gambling.  Now go there.  Do you get the correct block page?

        • Thank you for your reply. I do not have any other security device that might be causing the block. While I have Bitdefender installed, URL filtering is not enabled on my PC. My office laptop uses S1, and both devices are showing the same blocking page, even on a freshly created Windows VM running on Proxmox with no antivirus installed. I’ve also tried your advice, but the block page still does not appear.

          • For the HTTPS sites, the certificate would need to be created for the block and signed by a CA.  Can you look at the certificate signer and see who it is signed by?

            • The blocked page is signed by Sophos SSL. Please see the image below.

              • Found the page, it is a fallback in DPI mode.


                Can you go to Administration, Admin and User settings > Admin console and end user interaction
                When redirecting users...

                By default it should be "Use the IP address of the first internal interface" and that is has the IP of the first LAN port.

                What do you have on the page (screenshot).  Can you change it to the configured hostname (assuming the client can DNS resolve the hostname).

                • Hi Michael,
                  Thanks for your help! It seems to be working now, but I think I also need to install the default certificate used by Sophos to avoid the "Your connection isn’t private" message. Alternatively, I could use Let's Encrypt to generate a certificate for the FQDN.

                  • It looks great now using an FQDN with Let's Encrypt SSL. Thank you for the help