This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM SG210 Web Filtering not Working with Chrome

Erik Puscher over 1 year ago

Hello,

we had setup "Web Filtering" on our SG210 and are using the "Proxy Auto Configuration".

For testing i browse to a forbidden website.

Firefox and Edge are blocking the content correctly.

But Chrome does not.

Proxy settings are rolled out via GPO.

As far as i can see, all is set up correctly. Windows Internet Options are pointing to the correct wpad.dat. The wpad.dat code seems correct since Firefox and Edge are blocked.

I found the following in the discussions. But i can't find such an option on our SG210.

Web filtering not working with chrome

Do you have any clues?

This thread was automatically locked due to age.

Top Replies

BAlfson over 1 year ago in reply to Erik Puscher +1 suggested

Erik, two days ago, you said, " I blocked QUCIK by blocking UDP 443 and 80 via firewall rule. But the problem still exists." If one of your 'Allowed Target Services' is UDP 443, then Web Filtering allows…

Parents

0 dirkkotte over 1 year ago

Hi,
Chrome browsers are also filtered in my environments like other browsers.
But Google implements some "privacy optimizations". (like Apple his privacy proxy)
Here the DNS requests or the complete web requests use a tunnel (VPN) .
So your firewall can't see anything.
Here, the “quick protocol” is usually used.
You can try blocking “quick protocol” within your rules.
.... but maybe there is something new ... from the "security sheriff google"

Dirk

Systema Gesellschaft für angewandte Datentechnik mbH // Sophos Platinum Partner
Sophos Solution Partner since 2003
If a post solves your question, click the 'Verify Answer' link at this post.
Cancel
Vote Up 0 Vote Down

Cancel
0 Erik Puscher over 1 year ago in reply to dirkkotte

Thanks for your help. I blocked QUCIK by blocking UDP 443 and 80 via firewall rule. But the problem still exists.

So sadly this wasn't (the only) solution.
Cancel
Vote Up 0 Vote Down

Cancel
0 Erik Puscher over 1 year ago in reply to PhilippRusch

It is standard mode.
Cancel
Vote Up 0 Vote Down

Cancel
0 PhilippRusch over 1 year ago in reply to Erik Puscher

Did you change the standard proxy port?

Mit freundlichem Gruß, best regards from Germany,

Philipp Rusch

New Vision GmbH, Germany
Sophos Silver-Partner

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 Erik Puscher over 1 year ago in reply to PhilippRusch

Proxy port is 8080.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 1 year ago in reply to Erik Puscher

Hallo Erik,

Show us a screencap of 'Misc Settings' on the 'Misc' tab of 'Filtering Options'. Note #2 in Rulz.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel
0 Erik Puscher over 1 year ago in reply to BAlfson

Hello Bob, thanks for your answer.

Here is the screenshot.

Regarding to Rule #2 i can't see how the traffic of the chrome browser could be allowed by one of the points before 7. But i will have a closer look, thanks for the hint.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 1 year ago in reply to Erik Puscher

Erik, two days ago, you said, "I blocked QUCIK by blocking UDP 443 and 80 via firewall rule. But the problem still exists."

If one of your 'Allowed Target Services' is UDP 443, then Web Filtering allows that traffic before it can be blocked by a firewall rule.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up +1 Vote Down

Cancel
0 Erik Puscher over 1 year ago in reply to BAlfson

I removed the 443 and 80 Services from "Allowed Target Services" temporarily. But Chrome can't still be blocked. I added a Screenshot of the firewall rule. I only use three workstations for testing.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 1 year ago in reply to Erik Puscher

Erik, please insert a picture of the Edit of the 'QUICK 443' Service definition.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel
0 Erik Puscher over 1 year ago in reply to BAlfson

I think about switching from standard to transparent mode.

Could this circumvent the problem?
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 1 year ago in reply to Erik Puscher

Yes, but this indicates that 'QUICK 443' hasn't been removed from 'Allowed Target Services'. See #2 in Rulz.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 1 year ago in reply to Erik Puscher

Yes, but this indicates that 'QUICK 443' hasn't been removed from 'Allowed Target Services'. See #2 in Rulz.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data