This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Changing from Transparent Proxy to Standard Proxy Breaks Outlook and Website Images When SSL Decrypt and Scan is Enabled

I'm wanting to changes our setup from a transparent proxy with AD SSO, to standard proxy with AD SSO authentication.  With transparent proxy, SSL decrypt and scan is set and the cert distributed to all clients, which works fine.  When I switch to standard proxy, some web page images no longer load a and also outlook 2016 gets disconnected from our Exchange server.  As soon as I disable the SSL decrypt and scan, it all starts working again.

Is there something else I should be changing to fix this?  I can't work out where the issue is.



This thread was automatically locked due to age.
Parents
  • Is this a question about Web Filtering or about Webserver Protection (WAF)?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • It’s a web filtering question. Https decryption just seems to break most sites on standard proxy.  Transparent is fine.

  • OK, I will have moved this thread from General Discussion to the Web Protection forum.

    What relevant line(s) do you see in the Web Filtering log when your browser is configured to use the Standard Proxy and website images are broken?  Are the web servers with broken images internal or out on the Internet?  What browser?  Is this the Outlook app that breaks or Outlook Web Access?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    The websites that break are out on the internet.  It seems to affect css and images.  In the logs, I can see the entry that refers to an image that won't display - this is just one example:

     

    2019:04:01-12:25:01 utm httpproxy[5915]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.60.3" dstip="104.72.152.201" user="xxxx" group="" ad_domain="SIMS" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo6 (containing IT Tech VLAN)" filteraction="REF_HttCffStaff (Staff)" size="0" request="0xc8cda700" url="ichef.bbci.co.uk/.../_106249572_upset-internet-user.jpg" referer="www.bbc.co.uk/.../business-47768666" error="" authtime="75" dnstime="6" aptptime="94" cattime="100" avscantime="0" fullreqtime="1159" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36" exceptions="ssl,application" category="134" reputation="neutral" categoryname="General News" country="Netherlands"

     

    Sometimes, the web page just appears blank, sometimes, it shows but without the image and sometimes, it seems to work perfectly.  When I turn off SSL Decrypt & Scan, it always works as intended.

     

    With regards to Outlook, it's the app that disconnects.  Again, as soon as I turn off SSL decryption, it connects again.


    Thanks in advance for any advice/help.

  • That is not the problem entry as evidenced by theses clauses:

    id="0001"
    action="pass"
    statuscode="200"
    error=""

    Capture all activity from the source IP during the test.   Many websites reference data from other servers.    

Reply Children
No Data