
Why can't the link be blocked?

I am very tired because UTM 9 can't block the link successfully.

The following is the link:

https://scratch.mit.edu/explore/projects/all

I tested the following regular expressions:

https://scratch.mit.edu/explore/projects/[all]

https://scratch.mit.edu/explore/projects/[a-zA-Z0-9]

When I use the policy test, it shows blocked. However, when I try the user computers (10 different computers in total), it gets through.

Including the last "Lego" game link, this is the second link that can't be blocked.

 

Please help!



This thread was automatically locked due to age.
  • All, see this for general background information on HTTPS scanning.

    https://community.sophos.com/kb/en-us/132997

  • So you are wanting to bypass your router/firewall/UTM and see how your desktop software firewall responds to ICMP? Hopefully I am understanding what you want here.

    If that's the case, get the gateway of your ISP modem/router via whatismyip in Google. Then connect to a hotspot or external network, or even a VPN, then try to ping back to your WAN. Does it respond? If it doesn't respond, then you need to either bridge your ISP gear, set disable firewall for true static, or go into settings and enable ICMP passthrough. After that you need to pass ICMP through your UTM 9 or set your local (LAN) IP for bypass/DMZ, then rerun the test.

    That's pretty much all you need to do either way, but if your ISP is force blocking ICMP and you can't get into it to make changes then you are pretty much out of luck.

  • To elaborate, the basic PING-related settings are in:

    Network Protection... Firewall... ICMP (tab)

    You can enable some of these options, then restrict them using firewall rules.

    Also remember that UTM is largely directionless, so if you want to permit ping out but not ping in, you need to teach UTM to do that with firewall rules, because it does not think in terms of inside and outside in most contexts.

    Overall, reachability for ping is different than reachability for web traffic.

  • "You can enable some of these options, then restrict them using firewall rules."

    It's the other way around, Doug - the settings on the 'ICMP' tab take precedence over manual firewall rules.  If you want to restrict these options, you have to de-select things on the 'ICMP' tab and then create firewall rules for what you want to allow.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks, Bob.  I have learned much from you.

  • Regarding the CA certificate you imported on your clients:

    Maybe you imported it into "Certificates" and not "Trusted Certificate Authorities"?

    It needs to be imported into "Trusted Certificate Authorities" because all other certificates for sites you open are created by this CA.

    IE, Edge and Chrome use the Windows Certificate Store by default. If you imported it there, it should be fine for these browsers.

    On Firefox I think there is an option to tell it to also use the Windows Certificate Store.
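
An added illustration, not part of any post in this thread and not Sophos UTM's own matching code: it runs the three expressions from the question against what a filtering proxy can inspect, under the assumption (a simplified model) that without HTTPS decryption only the host name is visible, which is one way a policy test on the full URL can show "blocked" while clients still get through. The function names and the host-level pattern are hypothetical.

```python
import re
from urllib.parse import urlsplit

# The three expressions from the question, exactly as posted.
PATTERNS = [
    "https://scratch.mit.edu/explore/projects/all",
    "https://scratch.mit.edu/explore/projects/[all]",
    "https://scratch.mit.edu/explore/projects/[a-zA-Z0-9]",
]

def visible_url(url, decrypted):
    """What a filtering proxy can inspect (simplified model, an assumption).

    With HTTPS decryption the full URL is visible; without it only the
    host name from the CONNECT request / TLS SNI is, so the path is lost.
    """
    if decrypted or not url.startswith("https://"):
        return url
    return "https://" + urlsplit(url).hostname + "/"

def blocked(url, decrypted, patterns=PATTERNS):
    """True if any pattern matches the part of the URL the proxy can see."""
    seen = visible_url(url, decrypted)
    return any(re.search(p, seen) for p in patterns)

def host_only_pattern(host):
    """Hypothetical host-level expression: escaped dots, anchored host."""
    return r"^https?://" + re.escape(host) + r"(/|$)"

if __name__ == "__main__":
    target = "https://scratch.mit.edu/explore/projects/all"
    print("full URL (policy test, or decrypted):", blocked(target, True))
    print("host only (HTTPS not decrypted):", blocked(target, False))
    print("host-level pattern, not decrypted:",
          blocked(target, False, [host_only_pattern("scratch.mit.edu")]))
    # [all] is a character class: it matches ONE of 'a' or 'l', not "all".
    print(bool(re.search(PATTERNS[1], "https://scratch.mit.edu/explore/projects/lego")))
    # Unescaped dots match any character, so look-alike hosts match too.
    print(bool(re.search(PATTERNS[0], "https://scratchXmitXedu/explore/projects/all")))
```

A host-level pattern blocks the entire site rather than one path; path-level rules need the decrypted request, which is where the CA import discussed in the replies comes in.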