This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Wild-card DNS definitions in Transparent Skip list?

Hi

I'm trying to add wild card domains for "Skip Transparent Mode" in 9.355 ( This is needed to get sophos cloud endpoints to work behind a transparent proxy)

The area only allows import of network objects, and not RegEx like the scanning exceptions does.

I am able to create DNS hosts, and DNS groups, but making a [ *.sophosupd.com ] DNS host/group object does not catch requests going to dci.sophosupd.com.

Is this a Bug or is the creation of wildcard DNS hosts or groups not possible in 9.355?

If it is not possible then Sophos needs to fix their Cloud AV to play nicer with transparent proxies.



This thread was automatically locked due to age.
Parents
  • Hi,

    Greetings.

    Skip Transparent Mode option is only meaningful if the Web Filter runs in transparent mode. Hosts and networks listed in the Skip transparent mode hosts/nets boxes will not be subject to the transparent interception of HTTP traffic.To allow HTTP traffic (without proxy) for hosts and networks, Allow HTTP/S traffic for listed hosts/nets check box is selected.

    When you define a host under this mode and keep the mouse pointer over the host, it will reflect resolved or unresolved. A wildcard DNS host cannot be defined as a wildcard host cannot be resolved.

    I suggest you to configure an exception with RegEx by navigating through the options Web Protection>Filtering Options>Exceptions.

    This will also give you granular definition to filter the URLs.

    Hope that helps.

    Thanks

    Sachin Gurung

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Hi, Thank you Sachin

    I am running in transparent mode, and I did add those exceptions in the Filter Options, to the Sophos Services

    The " ^https?://[A-Za-z0-9.-]*\.sophosupd\.com/ " should have been all that was needed to get the cloud AV to install. This had no effect. Unless my RedEx is wrong..

    The endpoints through an error and abort installation

    [ 1280] WARN WindowsProxyDiscoveryWrapper::GetProxyForUrl Failed to get the automatic proxy configuration. The error code was 12180.

    Adding dci.sophosupd.com to the destination field in  skip transparent mode works,

    I was hoping they would be [unresolved] until being called upon.

    --------------------------

    Edit

    Ugh just noticed that Regex was for the https url and not the http one the product uses. Ill try adding that and see how it goes.

  • Hi,

    The RegEx for dci.sophosupd.com will be ^https?://([A-Za-z0-9.-]*\.)?dci\.sophosupd\.com/.

    Can you try an exception with this and let me know.

    Hope that helps :)

    Thanks

    Sachin Gurung

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • These are the Exceptions that I believe you should have:

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thank you both, I have not tried installing on any more win 10 boxes to test. 

Reply Children
No Data