This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM 9 akamai

I have eu1.concursolutions.com  in a webfiltering whitelist and  a wget  to it  works fine

2022:02:18-11:08:50 utm httpproxy[8987]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="x.x.x.x." dstip="104.103.204.76" user="" group="" ad_domain="" statuscode="301" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffWhitelist (Whitelist)" size="0" request="0xdbbeca00" url="http://eu1.concursolutions.com/" referer="" error="" authtime="0" dnstime="187" aptptime="0" cattime="13174" avscantime="0" fullreqtime="25708" device="0" auth="0" ua="Wget/1.20.3 (linux-gnu)" exceptions="" overridereputation="1" category="105" reputation="trusted" categoryname="Business"

My SAP team are calling eu1.concursolutions.com from within SAP PI ,  that runs on the same server I run wget from

2022:02:18-10:59:45 utm httpproxy[8987]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="CONNECT" srcip="x.x.x.x" dstip="" user="" group="" ad_domain="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffWhitelist (Whitelist)" size="3182" request="0xa732000" url="2.19.154.55/" referer="" error="" authtime="0" dnstime="0" aptptime="0" cattime="81" avscantime="0" fullreqtime="213448" device="0" auth="0" ua="" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" reason="category"

but via  SAP PI  2.19.154.55  is seen in the log rather than eu1.concursolutions.com, and dstip=""  ( I'm not sure why and yes sap uses the fqdn)

>nslookup eu1.concursolutions.com

Non-authoritative answer:
Name: e7868.b.akamaiedge.net
Address: 2.19.154.55
Aliases: eu1.concursolutions.com
global-wc.concursolutions.com.edgekey.net

The eu1.concursolutions.com ip may change , so other than putting all the akamai ips in the whitelist is there another way to deal with this ?  TIA

https://blogs.sap.com/2019/06/10/how-akamai-works-in-sap-cloud-for-customers/



This thread was automatically locked due to age.
  • the standard mode is still active in the background
    the port can be found somewhere in the settings


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.