Hi everybody,
i get an timeout when i using openstreetmap / virtualearth through the web protection (proxy). Then i cant get some maps (when i zoom in or out).
I receive the error message: Timeout from Server.
This issue is only when the request pass the proxy server. On simple Internet access everything is running fine and fast. An exception with condition "from these host" is set to any, without success.
What can i do?
Thank you and best regards
Michael
Hallo Michael and welcome to the UTM Community!
First, start the Web Filtering Live Log. Copy here the lines from the log when you get this error.
Cheers - Bob
i Bob,
i have attach live log capture from today.
Thanks and BR
Michael
The log shows that you're hitting the Default Block Action, Michael.
2022:08:29-15:48:50 portal-2 httpproxy[11475]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.X.Y.90" dstip="151.101.65.91" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaHsyasNetwo (B Blacklisting)" filteraction="REF_DefaultHTTPCFFBlockAction (Default Block)" size="1587057" request="0xd9f82e00" url="">c.tile.openstreetmap.org/" referer="" error="" authtime="0" dnstime="3" aptptime="285" cattime="0" avscantime="0" fullreqtime="309608283" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36" exceptions="auth,url,cache,size,patience"
Please insert a picture of the Edit of the Profile corresponding to ContaHsyasNetwo. Also, a picture of the "Default content filter action" on the 'Filter Actions' tab of 'Filtering Options'.
Cheers - Bob
PS We can't know if an external site is properly protected. The only malware I've gotten in almost 15 years was from a link in this Community to an external picture in 2014. Thanks in advance for not using an outside image service!
PPS Notice that I replaced some numbers in your internal IP address with X and Y. I prefer to obfuscate IPs like 84.XX.YY.121, 10.X.Y.100, 192.168.X.200 and 172.2X.Y.51. That lets us see immediately which IPs are local and which are identical or just in the same subnet. I've removed your txt file in your last post so that no bad guy can try to compromise you.
The lines for reference from your txt file:
2022:08:29-15:48:50 portal-2 httpproxy[11475]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.X.Y.90" dstip="151.101.65.91" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaHsyasNetwo (B Blacklisting)" filteraction="REF_DefaultHTTPCFFBlockAction (Default Block)" size="1587057" request="0xd9f82e00" url="">c.tile.openstreetmap.org/" referer="" error="" authtime="0" dnstime="3" aptptime="285" cattime="0" avscantime="0" fullreqtime="309608283" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36" exceptions="auth,url,cache,size,patience"
2022:08:29-15:48:50 portal-2 httpproxy[11475]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.X.Y.90" dstip="151.101.129.91" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaHsyasNetwo (B Blacklisting)" filteraction="REF_DefaultHTTPCFFBlockAction (Default Block)" size="1463249" request="0xacd4b100" url="">a.tile.openstreetmap.org/" referer="" error="" authtime="0" dnstime="4" aptptime="269" cattime="0" avscantime="0" fullreqtime="309608502" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36" exceptions="auth,url,cache,size,patience"
2022:08:29-15:48:50 portal-2 httpproxy[11475]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.X.Y.90" dstip="151.101.1.91" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaHsyasNetwo (B Blacklisting)" filteraction="REF_DefaultHTTPCFFBlockAction (Default Block)" size="1504129" request="0x985dc00" url="">b.tile.openstreetmap.org/" referer="" error="" authtime="0" dnstime="2" aptptime="83" cattime="0" avscantime="0" fullreqtime="309607518" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36" exceptions="auth,url,cache,size,patience"
It shows pass and CONNECT, but you have (B Blacklisting) also listed here. Is that a custom filter of some type you created? Also have default block showing as well. I don't have them specifically open per se on my set up, but I did notice I wasn't able to see a lot of things online if I also blocked Google Analytics. You might want to unblock that just to start and see if you can access OpenStreet and VE.
OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
(Former Sophos UTM Veteran, Former XG Rookie)
Hallo Michael,
Bitte:
Please insert a picture of the Edit of the Profile corresponding to ContaHsyasNetwo. Also, a picture of the "Default content filter action" on the 'Filter Actions' tab of 'Filtering Options'.
Cheers - Bob