This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem Web Filtering AD SSO Statuscode 407

Hi in die Runde,

ich habe eine UTM 9.705-3 am laufen. In letzter Zeit häufen sich die Probleme das ich mich in Shopseiten oder bei der Übergabe dieser an Beispielsweise PayPal die Seiten nicht richtig funktionieren. Bei der Recherche ist mir im Webfilter Log aufgefallen das es immer einen Statuscode 407 gibt beim Aufruf solch einer Seite. Ich kann mir nicht erklären woher bzw. warum das passiert. Für die Proxyeinstellungen nutze ich eine WPAD.dat.

Beispiel aus dem Log beim Versuch mich Beispielsweise auf ui.com einzuloggen:

Seitenaufruf alles io mit Username und domain

2021:01:16-14:39:52 utm httpproxy[5599]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="172.25.30.4" dstip="205.186.187.151" user="ka" group="Internet_voll" ad_domain="AD" statuscode="200" cached="0" profile="REF_HttProContaLanNetwo (LAN)" filteraction="REF_HttCffVoll (Voll)" size="1598" request="0xd0878700" url="">ui.om/.../default_dynamic_ms_id_1.js referer="">http://ui.om/" error="" authtime="0" dnstime="0" aptptime="178" cattime="634" avscantime="8215" fullreqtime="191652" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" exceptions="" category="105" reputation="neutral" categoryname="Business" content-type="application/javascript" sandbox="-"
Nach Eingabe des Passwortes und klicken des Login Button -> kein User und keine Domain
2021:01:16-14:39:52 utm httpproxy[5599]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="172.25.30.4" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaLanNetwo (LAN)" filteraction=" ()" size="2629" request="0xcf4cbc00" url="">https://www.ui.com/" referer="" error="" authtime="2" dnstime="0" aptptime="0" cattime="0" avscantime="0" fullreqtime="175" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" exceptions=""
2021:01:16-14:39:52 utm httpproxy[5599]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="172.25.30.4" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaLanNetwo (LAN)" filteraction=" ()" size="2629" request="0xd0864300" url="">https://dl.ui.com/" referer="" error="" authtime="3" dnstime="0" aptptime="0" cattime="0" avscantime="0" fullreqtime="197" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" exceptions=""
2021:01:16-14:39:52 utm httpproxy[5599]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="172.25.30.4" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaLanNetwo (LAN)" filteraction=" ()" size="2629" request="0xd0808300" url="">prd-www-cdn.ubnt.com/" referer="" error="" authtime="1" dnstime="0" aptptime="0" cattime="0" avscantime="0" fullreqtime="156" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" exceptions=""

Hat jemand einen Tipp für mich an welcher Stelle ich schauen kann bzw. was ich umbauen muss oder falsch konfiguriert ist?

Danke Gruß Jürgen

 



This thread was automatically locked due to age.
Parents
  • Status code 407 is normal whenever web filtering is configured for authentication. If you see several in a row, it can mean that authentication is failing.

    Possibilities:

    - AD SSO authentication is used and client program is a fat client rather than a browser and cannot answer the query.

    -AD SSO and client device is not Windows.

    - AD SSO fails and user gets a basic authentication prompt, but does not respond to the pop-up.

    - Authentication succeeds but a subsequent problem occurs.

    Options

    -in filter profile, use deve options to use a different authentication method for non-Windows clients.

    - create an exception to bypass authentication for a specific site.

    -change filter profile to disable authentication for everything.

    - create controlled tests and check log file for more details. Most websites use content from multiple servers in multiple domains.

Reply
  • Status code 407 is normal whenever web filtering is configured for authentication. If you see several in a row, it can mean that authentication is failing.

    Possibilities:

    - AD SSO authentication is used and client program is a fat client rather than a browser and cannot answer the query.

    -AD SSO and client device is not Windows.

    - AD SSO fails and user gets a basic authentication prompt, but does not respond to the pop-up.

    - Authentication succeeds but a subsequent problem occurs.

    Options

    -in filter profile, use deve options to use a different authentication method for non-Windows clients.

    - create an exception to bypass authentication for a specific site.

    -change filter profile to disable authentication for everything.

    - create controlled tests and check log file for more details. Most websites use content from multiple servers in multiple domains.

Children
No Data