This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How does web filtering rules apply?

Hello,

We have 4 terminal servers for which we have defined a web filtering policy. All the servers have an internal application installed which reaches out to the internet on port 9009 to update some information within the application. We have allowed this port under Web Protection > Filtering Options > Misc. > Allowed Target Services.

Also, we have defined a firewall rule to allow the servers reach out to "Any" on port 9009.

Still, the application isn't able to get the desired information when the web filtering rule is ON. When its OFF, everything works perfectly. However, we are not able to figure out what could be the issue.

Any help will be appreciated.

Thanks! 



This thread was automatically locked due to age.
Parents
  • Namaste,

    'Allowed Target Services' do not apply if the traffic isn't in Standard mode.  That is, the server must explicitly use the UTM as a proxy.  Even if Web Filtering is in Transparent mode, the Proxy will treat the request as if it were in Standard mode.  Did that resolve your problem?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello BAlfson!

    Ok, that is an insight for me. However, what if I don't want to use the Standard Mode? Compared to Transparent Mode, it seems to have a bit more config. overhead. What if I want to keep Transparent Mode and still allow Port 9009? It's not possible?

    Thanks! 

    Prakhar Jalan

Reply
  • Hello BAlfson!

    Ok, that is an insight for me. However, what if I don't want to use the Standard Mode? Compared to Transparent Mode, it seems to have a bit more config. overhead. What if I want to keep Transparent Mode and still allow Port 9009? It's not possible?

    Thanks! 

    Prakhar Jalan

Children
  • You don't need to use Standard mode for everyone.  You just need the application to use the UTM as a web proxy.  Web Filtering in transparent mode will see that the web request is aimed at its IP and it will handle the request as if it were in Standard mode.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA