This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Host can't access website via allowed target port

Hello,

I'm trying to access a website which uses port 9119 for HTTPS. For this I've added the port 9119 (TCP) to the Allowed Target Services list in the Advanced tab of Web Protection.

Trying to access the website fails. My requests to this port are just dropped via packetfilter according to the logfile.

Yes, there is a packetfilter rule which drops any traffic for the host. But adding the port to the list of the allowed services should allow this port over the proxy. I'm wrong with this assumption?

Do I need an allowing packetfilter rule additionally? If I add additionally a packetfilter rule my traffic is bypassing the proxy.

Regards

UTMaddict



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hi ,

    Thanks for reaching out to the Community! 

    Adding the non-standard port to the allowed ports under Web Protection > Filtering Options > Misc > Allowed target services would allow a connection to the port through a web proxy, but that doesn't mean that you could access blocked websites that listen on that port. 

    I'd suggest you check http logs while trying to access the website and share the logs with us. 

    You could also do a policy test from Web Protection > Policy Helpdesk. 

    Thanks,

  • Hallo,

    'Allowed Target Ports' only applies to Standard Mode, not Transparent.  You would need to configure your browser to use the UTM Proxy explicitly.  Even if you have Web Filtering configured in Transparent Mode, it will react as if in Standard if the browser uses it explicitly.

    Another "trap" that catches many people is the fact that the 'Skiplist' only applies in Transparent Mode, not in Standard.  In Standard, you must configure the skips in your browser.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA