we had setup "Web Filtering" on our SG210 and are using the "Proxy Auto Configuration".
For testing i browse to a forbidden website.
Firefox and Edge are blocking the content correctly.
But Chrome does not.
Proxy settings are rolled out via GPO.
As far as i can see, all is set up correctly. Windows Internet Options are pointing to the correct wpad.dat. The wpad.dat code seems correct since Firefox and Edge are blocked.
I found the following in the discussions. But i can't find such an option on our SG210.
Web filtering not working with chrome
Do you have any clues?
Hi,Chrome browsers are also filtered in my environments like other browsers.But Google implements some "privacy optimizations". (like Apple his privacy proxy)Here the DNS requests or the complete web requests use a tunnel (VPN) .So your firewall can't see anything.Here, the “quick protocol” is usually used.You can try blocking “quick protocol” within your rules..... but maybe there is something new ... from the "security sheriff google"
Systema Gesellschaft für angewandte Datentechnik mbH // Sophos Platinum PartnerSophos Solution Partner since 2003 If a post solves your question, click the 'Verify Answer' link at this post.
Thanks for your help. I blocked QUCIK by blocking UDP 443 and 80 via firewall rule. But the problem still exists.
So sadly this wasn't (the only) solution.
It is standard mode.
Did you change the standard proxy port?
Mit freundlichem Gruß, best regards from Germany,
New Vision GmbH, GermanySophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.
Proxy port is 8080.
Show us a screencap of 'Misc Settings' on the 'Misc' tab of 'Filtering Options'. Note #2 in Rulz.
Cheers - Bob
Hello Bob, thanks for your answer.
Here is the screenshot.
Regarding to Rule #2 i can't see how the traffic of the chrome browser could be allowed by one of the points before 7. But i will have a closer look, thanks for the hint.
Erik, two days ago, you said, "I blocked QUCIK by blocking UDP 443 and 80 via firewall rule. But the problem still exists."
If one of your 'Allowed Target Services' is UDP 443, then Web Filtering allows that traffic before it can be blocked by a firewall rule.
I removed the 443 and 80 Services from "Allowed Target Services" temporarily. But Chrome can't still be blocked. I added a Screenshot of the firewall rule. I only use three workstations for testing.
Erik, please insert a picture of the Edit of the 'QUICK 443' Service definition.
I think about switching from standard to transparent mode.
Could this circumvent the problem?
Yes, but this indicates that 'QUICK 443' hasn't been removed from 'Allowed Target Services'. See #2 in Rulz.