Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 39 replies
  • Subscribers 1 subscriber
  • Views 46333 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

utm 9.3 causing website login invalid response error

RaveNet
After upgrading to 9.3 and 9.3.01 I have found a courrier website that sophos busts the login for

eTrac

doesn't matter if you type the username and password correct or not, either way it gives an error of 'invalid response'

so far creating a web proxy exception has had no effect on this.

14:11:19-09:45:05 fw httpproxy[6075]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.69.135" dstip="204.193.149.161" user="" ad_domain="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2629" request="0xe3b53000" url="apps.etrac.net/.../33.0" exceptions="av,auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"


This thread was automatically locked due to age.
Parents
  • 0
    Please show the relevant lines from the Web Filtering log for a single block.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Please show the relevant lines from the Web Filtering log for a single block.

    Cheers - Bob


    Sorry - was pretty busy yesterday and missed this post.  here is a log snippet:

    2015:01:16-08:49:37 oasgs httpproxy[5674]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="10.21.251.159" dstip="54.160.105.183" user="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProOfaVlan2Trans (OFA (VLAN21) Transparent Proxy Profile)" filteraction="REF_HttCffOfaTranspa (OFA Transparent)" size="2701" request="0xdb3a8000" url="http://meeting05.prezi.com/crossdomain.xml" referer="" error="Invalid response" authtime="0" dnstime="24672" cattime="0" avscantime="0" fullreqtime="59215" device="0" auth="0" ua="Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" exceptions="av,content,url,ssl,cache" 

    2015:01:16-08:47:25 oasgs httpproxy[5674]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="10.21.252.211" dstip="23.20.41.188" user="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProOfaVlan2Trans (OFA (VLAN21) Transparent Proxy Profile)" filteraction="REF_HttCffOfaTranspa (OFA Transparent)" size="2701" request="0xd4deb800" url="http://meeting07.prezi.com/crossdomain.xml" referer="" error="Invalid response" authtime="0" dnstime="11700" cattime="0" avscantime="0" fullreqtime="51675" device="0" auth="0" ua="Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" exceptions="av,content,url,ssl,cache" 

    2015:01:16-08:46:45 oasgs httpproxy[5674]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="10.21.92.44" dstip="54.198.160.5" user="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProOfaVlan2Trans (OFA (VLAN21) Transparent Proxy Profile)" filteraction="REF_HttCffOfaTranspa (OFA Transparent)" size="2701" request="0xda78d800" url="http://meeting06.prezi.com/crossdomain.xml" referer="" error="Invalid response" authtime="0" dnstime="55" cattime="0" avscantime="0" fullreqtime="36543" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" exceptions="av,content,url,ssl,cache"
Reply
  • 0 in reply to BAlfson
    Please show the relevant lines from the Web Filtering log for a single block.

    Cheers - Bob


    Sorry - was pretty busy yesterday and missed this post.  here is a log snippet:

    2015:01:16-08:49:37 oasgs httpproxy[5674]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="10.21.251.159" dstip="54.160.105.183" user="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProOfaVlan2Trans (OFA (VLAN21) Transparent Proxy Profile)" filteraction="REF_HttCffOfaTranspa (OFA Transparent)" size="2701" request="0xdb3a8000" url="http://meeting05.prezi.com/crossdomain.xml" referer="" error="Invalid response" authtime="0" dnstime="24672" cattime="0" avscantime="0" fullreqtime="59215" device="0" auth="0" ua="Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" exceptions="av,content,url,ssl,cache" 

    2015:01:16-08:47:25 oasgs httpproxy[5674]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="10.21.252.211" dstip="23.20.41.188" user="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProOfaVlan2Trans (OFA (VLAN21) Transparent Proxy Profile)" filteraction="REF_HttCffOfaTranspa (OFA Transparent)" size="2701" request="0xd4deb800" url="http://meeting07.prezi.com/crossdomain.xml" referer="" error="Invalid response" authtime="0" dnstime="11700" cattime="0" avscantime="0" fullreqtime="51675" device="0" auth="0" ua="Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" exceptions="av,content,url,ssl,cache" 

    2015:01:16-08:46:45 oasgs httpproxy[5674]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="10.21.92.44" dstip="54.198.160.5" user="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProOfaVlan2Trans (OFA (VLAN21) Transparent Proxy Profile)" filteraction="REF_HttCffOfaTranspa (OFA Transparent)" size="2701" request="0xda78d800" url="http://meeting06.prezi.com/crossdomain.xml" referer="" error="Invalid response" authtime="0" dnstime="55" cattime="0" avscantime="0" fullreqtime="36543" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" exceptions="av,content,url,ssl,cache"
Children
No Data
Unfiltered HTML