This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Google Play store issues

Hi all,

I was wondering if anyone had created an exception rule for Web Filtering on the Google Play store? I've noticed that large application updates like Skype & Chrome won't successfully update with the Web Filtering turned on, though smaller ones seem yo update without issue.

I'm using the filter in transparent mode without HTTPS. Turning the filter off resolves the problem immediately, though I can't find any blocking or errors in the log. It's like the download is just timing out with the web filter turned on?

This thread was automatically locked due to age.

Parents

0 BAlfson over 10 years ago

Hi, MrDragon1, and welcome to the User BB!

If you you had to make a different change than that suggested by apijnappels, there's something you're not telling us...

Is your Web Proxy in Standard mode?

Cheers - Bob

Sorry for any short responses. Posted from my iPhone.

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 10 years ago

Hi, MrDragon1, and welcome to the User BB!

If you you had to make a different change than that suggested by apijnappels, there's something you're not telling us...

Is your Web Proxy in Standard mode?

Cheers - Bob

Sorry for any short responses. Posted from my iPhone.

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 jreiter over 10 years ago in reply to BAlfson

I know this is an older thread, but I'm running into the same issue as MrDragon1, so I thought it might be useful to build on what's been discussed already. Rather than just exempting my Android phone from the web filter entirely, I'd rather get to the root of the problem. Here are some details:

I am running the web filter in Transparent Mode without HTTPS scanning. The web filter logs show no denies, only allows.

My firewall logs, however, show the following denies when I try to download an app from the Google App Store:


2014:03:03-00:01:15 spintronic-1 ulogd[4397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="0:1a:8c:13:9:a0" srcip="74.125.239.99" dstip="10.0.1.240" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="57057" tcpflags="RST" 

2014:03:03-00:01:15 spintronic-1 ulogd[4397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="0:1a:8c:13:9:a0" srcip="74.125.239.99" dstip="10.0.1.240" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="57057" tcpflags="RST" 

2014:03:03-00:01:15 spintronic-1 ulogd[4397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="0:1a:8c:13:9:a0" srcip="74.125.239.99" dstip="10.0.1.240" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="57057" tcpflags="RST" 

2014:03:03-00:01:16 spintronic-1 ulogd[4397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="0:1a:8c:13:9:a0" srcip="74.125.239.99" dstip="10.0.1.240" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="57057" tcpflags="RST" 

2014:03:03-00:01:16 spintronic-1 ulogd[4397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="0:13:5f:0:52:9b" dstmac="0:1a:8c:13:9:a1" srcip="208.89.54.20" dstip="66.214.64.166" proto="6" length="52" tos="0x00" prec="0x00" ttl="113" srcport="58806" dstport="9333" tcpflags="SYN" 

2014:03:03-00:01:18 spintronic-1 ulogd[4397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="0:1a:8c:13:9:a0" srcip="74.125.239.99" dstip="10.0.1.240" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="57057" tcpflags="RST" 

2014:03:03-00:01:21 spintronic-1 ulogd[4397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="0:1a:8c:13:9:a0" srcip="74.125.239.99" dstip="10.0.1.240" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="57057" tcpflags="RST" 

2014:03:03-00:01:28 spintronic-1 ulogd[4397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="0:1a:8c:13:9:a0" srcip="74.125.239.99" dstip="10.0.1.240" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="57057" tcpflags="RST" 

2014:03:03-00:01:30 spintronic-1 ulogd[4397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="0:1a:8c:13:9:a0" srcip="74.125.239.106" dstip="10.0.1.240" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="46965" tcpflags="RST" 

2014:03:03-00:02:04 spintronic-1 ulogd[4397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="0:1a:8c:13:9:a0" srcip="74.125.239.99" dstip="10.0.1.240" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="57057" tcpflags="RST"

10.0.1.240 is my Android phone's IP, and 74.12.239.108 looks to be one of the App Store servers.

If I disable the web filter the downloads work just fine. I also followed apijnappels' recommendation about opening outbound port 5228 on the firewall, but it did not solve the problem. (I didn't see how it would, since I have a default allow for outbound traffic.)

Any ideas?