Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.
Guys can you propose best practices for diagnosing problems with Webfilter?
Until now I was trying to look at Webfilter log and create webfilter scanning exception rules using regular expressions. But I have still one service which does not work even when I have created scanning "Bypass" rules.
Hi Slawski,
You can utilize Packet Capture to is intercept and logging traffic. This capture utility captures packets according to specified criteria and displays values of various fields in the packet. These fields include connection details and details of policies applied on the packet by each module like Rule ID, User or Group Name, Web Filter ID and Application Filter ID etc.
Step 1: Configure Capture Filter
Go to System > Diagnostics > Packet Capture and click Configure to configure the Capture Filter according to parameters given below.
For a particular host you can Enter the BPF String as "host 10.10.10.1"
Step 2: Capture Packets
Once Capture Filter is configured, start capturing packets by turning the Packet Capture On. Turn it Off once you have enough packets to analyse.
Step 3: Analyse Packets
Click on any packet to analyse it, as shown below. The details of the selected packet are displayed in the Packet Information section.
This will help you analyse, which Firewall Rule routes the traffic. A handy tool to monitor the Flow.
Hope that helps :)
Cheers
Sachin Gurung
Sachin Gurung
Team Lead | Sophos Technical Support
Knowledge Base | @SophosSupport | Video tutorials
Remember to like a post. If a post (on a question thread) solves your question use the 'This helped me' link.
