Help us enhance your Sophos Community experience. Share your thoughts in our Sophos Community survey.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 24 replies
  • Answers 1 answer
  • Subscribers 2 subscribers
  • Views 27593 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Transparent mode skiplist

AdamTyler
I'm experiencing an interesting issue with the "Transparent mode skiplist".  It seems that my backup service (Crashplan) will intermittently stop working until I add the fqdn of the destination backup server to this list.  So anytime the backup destination changes, my backups fail until this is updated.  For example:

the backup destination might be backup1.crashplan.com, but now change to backup2.crashplan.com and fail until added to the list.

I am continually adding "DNS Host" network definitions and adding them to the "Transparent mode skiplist".  My question is related to creating some kind of network definition that allows for "ANYTHING".crashplan.com to be added to the list in one shot?  Are there other filtering options I can use that would make this work without managing the "Transparent mode skiplist" manually?  I notice my I am currently in "Standard Mode" under Global of the Web Filtering tab.  Currently running firmware version: 9.209-8

Let me know if you have more questions.  Thanks!

Adam Tyler
adam@tylercrew.com


This thread was automatically locked due to age.
  • 0 in reply to AdamTyler
    I appreciate you not going the condescending route.  Interesting that you've been able to get this to work.  Can you give me the exact steps to follow your config?  I'm curious now having spent so much time on it.

    I used to be a consultant, but have settled into a 8-5 job since then.  Probably won't be going through the training, just been using the free home license since my company provided SonicWALL was pulled.  I really do like the device.  I am using site to site VPN, email filtering, reverse NAT rules, client DSL VPN, LDAP integration, etc...  Just haven't been thrilled with the content filter .   Especially for home use.  It seems every time you'd turn around something didn't work as a result of the content filter.  My only recourse was to add IP's and definitions manually.  Was jut getting old.  I did lose the granularity of applying different content filtering policies to different users after the openDNS route.  Not a big fan of that, but the benefits of the internet working are enough to make it ok.

    I even opened a ticket with crash plan support trying to get them to give me their subnets....  Nope, can't do it.  Yeesh...

    I am also experiencing another issue with using this appliance in a VMware cluster.  It seems everything it gets vMotioned to a different host the license has to be reapplied.  So, it doesn't exactly like having the CPU Id change is my guess.  Ever run into that?  I'll probably open a different thread.


    I have a question..are you using https scanning in the web proxy?

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

  • 0
    I administer quite a few SonicWALL's too.

    Agreed with William, Adam - smart people that are familiar with SW, Cisco, etc. tend to frame their questions in terms of the solutions they know.  That knowledge is a bane to learning in the beginning, but very helpful once you've learned to be "open-minded" again. [:D]

    For now, please continue to use your fresh perspective to challenge the difficulty of some things in WebAdmin.  You will often find that my comment above applies, but, as implied by that, new ideas seldom come from those that know "it doesn't work like that." [;)]

    Now, about those lines from the logs...

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to William Warren
    I have a question..are you using https scanning in the web proxy?


    How do you tell?
  • 0 in reply to William Warren

    Brilliant shout on Quick RegEx, solved my issue.

     

    Many Thanks :)

     

    With regards to the original post I would suggest doing this and putting *.crashplan.com into RegEx and apply that.

Unfiltered HTML