This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Webfilter slowing down (not blocking) print job

Hi guys,

I have a rather curious problem. We have a IPSec tunnel to one of our branch offices - these employees are working on our Terminalserver here at HQ. They have a KonicaMinolta printer over there.

Yesterday the called me and complained that the print job they start from the Terminalserver here to the printer over there are unreasonably slow. I investigated and found the culprit - to my surprise, it was the Webfilter on our UTM. When I turn it off the print jobs are flying over there in a second- is the Webfilter activated it takes up to a good minute.

In the log I can see this:

fw-2 httpproxy[17058]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="10.1.XXXXX" dstip="10.3.XXXX" user="" group="" ad_domain="" statuscode="504" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0xab94300" url="http://10.3.XXXXX/OpenAPI/DeviceDescription/" referer="" error="Connection to server timed out" authtime="0" dnstime="224" aptptime="151" cattime="172" avscantime="0" fullreqtime="60345634" device="0" auth="0" ua="OpenAPI60DrvLibrary" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized"


Of course I dont want the Webfilter turned off indefinitely (too dangerous with these people ;) so I created an exception in the Webfilter Filtering Options:


This doesnt seem to be enough. Are there any other settings I could enable that would completely bypass the whole thing?

Thanks and best regards,

Constantin



This thread was automatically locked due to age.
Parents
  • Hallo Constantin,

    If that Exception didn't suffice, you will need to skip the Proxy for dstip="10.3.XXXX".  See 'Skip Transparent Mode Destination Hosts/Nets' on the 'Misc' tab of 'Filtering Options'.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hallo Constantin,

    If that Exception didn't suffice, you will need to skip the Proxy for dstip="10.3.XXXX".  See 'Skip Transparent Mode Destination Hosts/Nets' on the 'Misc' tab of 'Filtering Options'.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children