This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't Access Specific Website

Masters!

There's a specific website that I can't access. But I can access it when bypassing Sophos FW.

2020:11:23-07:27:40 utm httpproxy[1587]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="172.26.46.9" dstip="203.177.229.122" user="" group="" ad_domain="" statuscode="500" cached="0" profile="REF_HttProContaInterNetwo (Allow All)" filteraction="REF_HttCffAllow (allow)" size="517" request="0xd3c34700" url="">www.eastwestbanker.com/" referer="" error="Connection timed out" authtime="0" dnstime="102914" aptptime="483" cattime="44162" avscantime="0" fullreqtime="127336388" device="0" auth="0" ua="" exceptions="sandbox,ssl,certcheck,certdate" category="114" reputation="neutral" categoryname="Finance/Banking"
2020:11:23-07:27:40 utm httpproxy[1587]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="172.26.46.9" dstip="203.177.229.122" user="" group="" ad_domain="" statuscode="500" cached="0" profile="REF_HttProContaInterNetwo (Allow All)" filteraction="REF_HttCffAllow (allow)" size="517" request="0xda86aa00" url="">www.eastwestbanker.com/" referer="" error="Connection timed out" authtime="0" dnstime="103014" aptptime="429" cattime="44316" avscantime="0" fullreqtime="127336458" device="0" auth="0" ua="" exceptions="sandbox,ssl,certcheck,certdate" category="114" reputation="neutral" categoryname="Finance/Banking"
2020:11:23-07:38:52 utm httpproxy[1587]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="172.26.46.9" dstip="203.177.229.122" user="" group="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProContaInterNetwo (Allow All)" filteraction="REF_HttCffAllow (allow)" size="0" request="0xd6b27100" url="">www.eastwestbanker.com/" referer="" error="Connection to server timed out" authtime="0" dnstime="261398" aptptime="109" cattime="144" avscantime="0" fullreqtime="61113784" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) QtWebEngine/5.15.1 Chrome/80.0.3987.163 Safari/537.36" exceptions="sandbox,ssl,certcheck,certdate" category="114" reputation="neutral" categoryname="Finance/Banking"
Can you help me find the cause of this?
Thank you!


This thread was automatically locked due to age.
Parents
  • Musta Randolf and welcome to the UTM Community!

    Guys, the hint in the log lines is statuscode="50?" - the server doesn't "like" our Proxy.  If adding an Exception for Antivirus doesn't resolve this problem, the only solution is to skip the Proxy.

    Also, the folks at eastwestbanker.com might need to fix their authoritative name server entries.  www.eastwestbanker.com resolves to 210.1.80.122 (a single A record), but both that IP and 203.177.229.122 have rDNS records pointing at www.eastwestbanker.com.  I don't claim to be a student of DNS functionality, but if there's a reason to configure that way, it's unknown to me.  Maybe some workaround for some sloppy coding of their website???

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Thank you for this.
    Can you teach me how to skip the Proxy?

  • Hello Randolf,

    To skip the proxy for a computer or website, you would go to 

    Web Protection >> Filtering options >> Misc >> Transparent Mode Skiplist >> Skip Transparent Mode Destination Hosts/Nets

    You would add here the DNS or IP of the website.

    If you add a computer under Skip Transparent Mode Source Hosts/Nets

    This computer will skip the proxy for all of the connections.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • Hi Sir Bob,

    I tried putting the IP/DNS of the website. But still can't access it.

    :'(

    Thank you.

  • Please show a picture of the Edit of the solution that you tried.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply Children