IPS Inspection of SSL traffic
After looking through the UTM 9 features it looks like Web Filtering and Web Application Firewall offer a SSL inspection. It's my (potentially flawed) understanding that WAF and Web Filtering do not equal IPS.
Is IPS blind to SSL traffic or is there…
SSL Certificate error Outlook 2013
We are starting to get Certificate alerts in outlook for users that are accessing office 365 or google calendar directly i Outlook 2016/2013.
Under Web Protection - Web Filtering - HTTPS we have URL filtering only marked.
Any suggestions on how to…
Using differing SSL certificates for WebAdmin and user Portal
Good evening Community,
I am a relativley new user of Sophos UTM. I have managed to manually install an Let's Encrypt certificate for the WebAdmin & User portal and that works fine. Next Step, automating this.
However, in order to get to the Webadmin…
Still no SYSLOG encryption options?
Sophos UTM 9 on AWS
Firmware: 9.408-4
I'm not seeing any options for encrypted SYSLOG - is this still not possible?
I did see this post from a few years ago in which the advice is to raise it as a feature request.
I understand that I can send…
SSL inspection in transparent mode
I'm trying to make sense of SSL inspection functionality in transparent mode.
There are two related sections in the manual (9.408) :
- Page 322: SSL scanning: Select to skip SSL scanning for the webpage in request. ...Note that for technical reasons…
Remote Access Issues: DNS not resolving & Android cannot connect
Hey All, I've successfully setup HTML5 Remote Desktop VPN, SSL and LT2P/IPsec, I can connect to them all via desktop PCs using the Sophos client for SSL and built-in Windows VPN for L2TP/IPsec.
The issue is, I cannot get my Android phone to connect…
SSL Certificate not showing in Email Protection/Advanced/TLS Settings, but in Certificate list
I have purchased a certificate from Digicert and am trying to get the SMTP proxy to use it for TLS.
I've been able to import it into Remote Access/Certificate Management and it appears with the basic details (expiry date, fingerprint, etc).
But when…
RE: SSL VPN issue after UTM upgrade to 9.404-5
Hello,
I had the same issue this last 15 days.
After many test, it's worked for me.
I think that this settings are important for SSL VPN to work.
In the both Server and Client UTM the hostname must match the public ip address. (Check by Whatismyipaddress…
SSL VPN not working with Android devices
Hello @all,
I am having problems accessing my internal network through SSL VPN with my Android devices (Sony Xperia Z5 and Z4 Tablet with both Android 6) and the OpenVPN App..
After connecting to the UTM I want to access an internal Website or a…
PCI scan is getting a different SSL
So Riddle me this Batman...
We have been running some PCI scans for one of our websites and one of the warning alerts that they are giving us is that the SSL cert that we are using is self signed. We are running the scan on the client's domain "domain…
user portal & certificates
I would like to increase security by handing out certificates manually to specific users. Right now, they can log into the User Portal and download the client software with the certificate. I would like them to continue doing that, but only be able to…
Plex Web Protection Exceptions
Hello,
Here is what I had to set as exceptions in order to get Plex to successfully work remotely, download metadata, and download images. The movie agents I use are: Freebase, The Movie Database, and MoviePosterDB.
Plex Skip Checks:
Skipping: SSL…
RE: UTM dropping traffic from PCs with Teamviewer Host(?)
Not sure if you already found a fix for this or if it's related. I was having issues connecting to Teamviewer clients after enabling the "Decrypt and scan" option (Web Filtering > HTTPS > HTTPS Scan Settings) in a Transparent Mode filter profile. The…
SSL Certificate import not working
Hello,
when trying to import a new PKCS#12 certificate using the GUI following german error message is displayed: Die VPN-ID muss eine E-Mail-Adresse sein
In English: The VPN-ID has to be an e-mail-address.
Using the method Upload there is no possibility…
Web filtering with URL filtering only and BYOD
Hello,
I have a question about the configuration of my UTM. At the moment here is the situation :
I have a UTM with FQDN
I have two types of computers in my network :
Computers who can have UTM certificate
BYOD in which i cannot ad the…
SSL Weak Ciphers and Deprecated SSLv2 and SSLv3 Protocol Detection
I am currently in charge of doing internal PCI vulnerability scans for the company I work for and we are currently using openVas for our vulnerability scanner. When scanning our UTM instance I keep receiving the following Vulnerabilities - Check for SSL…
OpenVPN where are the options ?
While setting up the SSL VPN I was able to make a few configurations on my test remote client with multiple working VPN connections to the Sophos UTM all using the SSL VPN. But when I clean up and setup, how I would like, I found out that the user portal…
Web server protection: How do I use both port 443 and 993 at the same time?
Hello everyone,
I have a mail server I would like to place behind the UTM's Web Application Firewall. I need to open ports 443 (ssl) and 993 (ssl over imap) as our mail server uses both ports. I have no problem setting up the real and virtual web servers…
Web Protection With Subordinate CA
I was researching the idea of using a subordinate CA in Web Protection for HTTPS decryption and scanning. The idea behind this is that, instead of trying to deploy/re-deploy a new certificate for this to function, that I would use a subordinate CA created…
HTTP Scanning funktioniert nur mit vielen Ausnahmen
Hallo,
ich nutze hier zu hause eine UTM und habe nun mal das https scanning aktiviert.
Natürlich habe ich das Zertifikat an allen Geräten eingespielt. Windows Rechnern und iOS Geräten. Soweit funktioniert es auch, trotzdem muss ich massig Ausnahmen…
DROWN Vulnerability: Blocking SSLv2 with UTM9
Hello,
I would like to write a firewall rule to drop all SSLv2 traffic attempting to travel through our UTM because of the DROWN vulnerability . We have a couple of servers susceptible to the attack and it would be nice to first block the attack at…
Skype for Business Exceptions When Using SSL Filtering
Skype for Business is unable to sign in when SSL filtering is enabled. Does anyone know what exceptions need to be added to get it to work?
Since 9.354/355: Mobile devices on WiFi or Cellular networks can no longer send emails with attachments to internal ActiveSync server.
Reference:
We are using the SG230 at UTM 9.355001 with Full Guard as of 12:35AM today. Our UTM appliance manages all inbound and outbound and internal traffic.
Issue:
Since we have deployed 9.354 (and all updates since), all of our mobile devices…
SSL VPN Cannot Connect
I have just setup SG 125 using UTM 9.3. I have been trying to get the SSL VPN to work and been unsuccessful. I had help directly from Sophos for the setup as well as I have double-checked my setup from the guides. Our main DNS/AD server is a Small business…
Slow OpenVPN (kinda fixed) - Help with exceptions
Hi,
So I have kind of fixed the slow ssl/openvpn issue, but I can't seem to find a way to put the exception in.
- Part 1 of the fix was to disable the UDP flood protection - get 1.5-2mbit (otherwise caps out ~0.5mbit) - Part 2 disable IPS get full…