This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Exception Rules not working, Firewall rules do.

Hi All,

Since updating to 9.601 we are unable to install any Internet connected applications via the PRoxy

We use Standard Proxy

For example - Sophos Central - It fails to download and connect to the Cloud controller.

We have the necessary Exceptions created but when doing a tcpdump, it's trying to hit the Firewall (shows packets dropped) instead of the web filtering exceptions.

Same as Teamviewer etc as well.

If we create a test Firewall Rule such as - Source (Any) Port (Any) Destination (Any) and turn off the proxy on the Clients, it works 100%.

Is anyone else having similar issues?

 




This thread was automatically locked due to age.
  • Hi Daniel and welcome to the UTM Community!

    Please show a representative line from the full Firewall log file.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I believe this has been discussed previously in this forum.

    There is a byte-range transfer method which is often used for file downloads.   From a security standpoint, this is a problem, because it turns the web session into an arbitrary blur of binary characters, which are impossible to interpret for hostile content.   

    I believe version 9.6 cracked down on this feature, and so a lot of download-manager tools no longer work, and you will have to create exceptions for the ones that you want to allow.   My guess is that all you need is to disable Antivirus checking.   If that is insufficient, you might need to disable mime type checking as well.  To be certain, ask support, as I have not yet upgraded to 9.6x