Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 12 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 33974 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firefox Insecure Connection

tom greene

Hey,

I am having problems with web opening websites using Firefox. Some pc's in my network have no problem and some have problems that wont allow any google related https website to be opened with firefox. And there is no option to add an exception either. I have not installed any certificates or have never enabled https scanning since i started using the xg firewall.

A screenshot of the error is given below

 

I dont have https decryption on and i have even turned off http and ftp scanning. I dont understand why it happens on a few laptops only and works fine on others. The version of Firefox is the same on all of the laptops. 

 

I just installed the xg firewall and this started happening after i made a few custom firewall rules and a few web filter policies. 

I have even tried after disabling the web filter polices but still no luck. 

Chrome works fine. 

A few computers on the network are having problems with chrome and not firefox. so something weird is going on. 

 

1. Are there any other settings that i need to change?

2. Are there any other services that might be scanning https other than the options in the firewall rule?

3. I have made a firewall rule that blocks google udp 443 so i have that set to REJECT or should it be Drop? and is there a different rule i have to make for Firefox?

4. Do i have to make a deny rule at the bottom of all the firewall rules or is that a given default?



This thread was automatically locked due to age.
  • 0 in reply to rfcat_vk

    Well i havent even installed any certificate or turned on https scanning so it doesnt make sense. 

    Then i even installed the local Certificate from the appliance and it still doesnt work. 

    Since it works on some systems and not on others i think it is some sort of local issues on some of the pc's. 

  • 0 in reply to tom greene

    Hi Tom,

    Redownload the Appliance CA from the XG and try to install it on the affected system by following the steps:

    1. Open the Microsoft Management Console by typing "MMC" in the "Run" box.
    2. Open Add or Remove Snap-ins by selecting FILE > ADD/REMOVE SNAP-IN...
    3. Select Certificates from the list and click Add to display the Certificates Snap-in window.
    4. Select the Computer Account and click Next.
    5. Click Finish and close the list of snap-ins.
    6. Click OK to add the certificates snap-in, which should now be visible in the Add/Remove Snap-ins window.
    7. Expand the list of certificate containers, right click Trusted Root Authorities and choose All Tasks > Import to start Certificate Import Wizard.
    8. Import the Certificate downloaded in step 2 using this wizard.

    If that doesn't help then it should be a local system issue.

    Cheers-

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Unfiltered HTML