Hi everyone!
I have problem with the feature Decrypt & Scan HTTPS is checked.
The situation is this, I am blocking facebook and youtube during office hours and to be able to block also facebook and youtube mobile apps I enable the Decrypt & Scan HTTPS…
I recently got a new Android device running the latest version of Android, Android Oreo 8.0.0. Having connected it to wifi at my workplace I find that I am unable to browse to Google in Chrome, even with the CA certificate from the Sophos UTM installed…
Hello!
Because we have to upload many HTTPS validation CAs to the UTM and the UTM does not have
an option to upload more than one CA at a time, we wrote a small script which uses the RESTful API.
The script works fine and I can see all uploaded…
Hi,
Our company using Office 365 email.
Sometimes we are getting an security alert from MS Outlook saying that "The security certificate was issued by a company you have not chosen to trust..." as attached below:
Please advise how to solve this…
After a year, I've decided to try Sophos XG again. Currently using UTM 9.5 - which has its issues, but works well.
I am trying to find out how to force all web requests through the proxy port. Sadly, I'm not getting far with Sophos XG.
If I add a…
Hi,
XG has an poor detection rate in webfiltering, e.g. when trying to open websites of denied web categories like "nudity" or trying to open malware infected pages.
Is this caused by putting new websites in wrong web categories, or is this because…
I have recently started using the home version of the Sophos XG firewall. I am currently testing the transparent HTTPs feature with the self-signed certificate which comes with the firewall. While it seems to work well with windows devices once the certficated…
Hello Community,
could please anyone advice me how to import UTM WebProxy Certificate for HTTPS scanning on MacOS?
I am completely familiar with this process on Windows but not on Mac.
Thanks for help.
Pavel
Hi,
If I open a website once, it's blocked. If I open it twice, it won't get blocked!
Why does web filtering blocks some websites one time and a few seconds later not?
Thanks in advance - Meghan
Good day,
today I switched to Realtime scanning in Web>Protection>MalwareScan mode.
Now the downloads are much faster, but when I try to download EICAR Testfile, there is no "Virus Found" Notification.
The file won't be downloaded, but I only…
I need to be able to exclude Splashtop and logmein from SSL Inspection for them to work. I tried ^[A-Za-z0-9.-]*\.splashtop\.com/ which lets me connect through the client, but I am not able to remote into any machines. I am assuming that is because the…
Hi,
Since Google updated Chrome to their latest version , I'm getting the following error on my clients machines (that are connected to the Web Appliance) on their browser :
ERR_CERT_COMMON_NAME_INVALID
I have disabled HTTPS scanning on the Appliance…
I know this has been posted about several times, but I wanted to share what I used to get it working while not eliminating the ability to log Google searches which happens for me when I add the following as an exception...
^https?://([A-Za-z0-9.-]*…
Hi all,
As I am getting more familiar with my new XG firewall, I am naturally wanting to do more and more things. I've started looking at the deep-packet inspection/HTTPS Decrypt and Scan functionality. I've seen the discussions on this board about…
Hi All,
I've decided to give HTTPS scanning ago, however, when deploying the certificate via GPO it's intermittently working. Sometimes gets removed etc or even though it's there, the websites still giving security alert page on chrome.
I'm using…
Hi,
i am testing the v16.05 GA for use the sandstorm you have any luck with this feature?
i activate the http/https scan and Detect zero-day threats with Sandstorm and i get in all pages error 500 o 502
Thanks...
HI Everyone,
The application may be blocked due to HTTPS scanning and would need to disable the HTTPS scanning from the firewall rule to allow the traffic .
Solution :
The Web filter should show the URL's used to connect with its server, You may…
We are facing an issue of blocked requests when using the "Decrypt & Scan HTTPS" option for certain sites.
Here is an example:
https://channel9.msdn.com/ works
https://channel9.msdn.com/blogs works (it gets redirected to https://channel9.msdn.com…
Hello,
I seem to be having issues connecting to the HTTPS webpages for ESXI and Vcenter. My PC's are in the zone LAN and my https websites are in the zone LAB. I can connect to the sites fine using IP. When i try to connect to the sites using the…
Hello,
I was having issues with the BackBlaze software agent not getting full upload (backup) speed regardless of the number of threads I gave it. Since the agent encrypts the files before uploading, there is no reason to have the firewall attempt to…
Hello,
After much troubleshooting, here is what I had to unblock to get the Ubisoft Uplay desktop client to work without any issues:
I had to create a HTTPS decryption exception with the following URLs
local[0-9]*-mtl-[0-9]*\.ubisoft\.qc\.ca/ steamcdn…
Hi,
Currently my device XG-135 is running on V16.01.2, and it is weird to see that it is blocking unknown protocol traffic. Although "Block unrecognized SSL protocol " option is disabled under Web--> Protection. Below screenshots for reference.
…
Using new 16.02 version XG firewall with https decryption & scanning enabled (bridge or gateway mode no difference)
Onedrive uploads files successfully.... But cannot successfully complete any downloads....
Have tried excepting the network storage…
Having an issue at a client where we installed an XG firewall, a Java application that has no problem outside the firewall refuses to load, Java complains of SSL certificate errors. Have configured exceptions for the site that hosts the app but it still…