This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

"Host Not Found" Error

I'm seeing lots of blocks on "courier.push.apple.com" in my web filter log. I've added an exception for the url in the filtering profile as well as in the filtering options. Below is a line from the log. What does the "host not found" error mean?

2015:01:22-17:34:58 hpch httpproxy[5494]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="10.10.10.160" dstip="" user="" ad_domain="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0xe25db800" url="courier.push.apple.com/" referer="" error="Host not found" authtime="0" dnstime="243" cattime="0" avscantime="0" fullreqtime="218383" device="0" auth="0" ua="" exceptions="av,content,url,ssl,mime,cache,fileextension,size,patience"


This thread was automatically locked due to age.
  • Host not found means the host cannot be contacted.  I just did a DNS lookup for courier.push.apple.com against google DNS and no IP was returned.  Apple may be having DNS issues.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • @tscott_1: Did you ever find a solution?  We're having the same problem with Apple iMessage, despite creating URL exceptions.

    We need a way for the UTM to exempt failed DNS lookups from blocking traffic and respect configured exceptions and permitted access to uncategorized URLs.

    I'm also following post https://community.sophos.com/products/unified-threat-management/astaroorg/f/55/t/46786, where I've posted my full findings so far.
  • EDIT.... Just found this post

    https://community.sophos.com/products/unified-threat-management/f/web-protection-web-filtering-application-visibility-control/46970/snapchat---host-not-found#pi2151=2

    So far the only way to get snap chat to work is to got Webprotection then to Filtering options then to Misc and scroll to the bottom and uncheck Pharming Protection.  No exceptions or settings seem to work.


     

    This is really old post, but I just run into the same situation.

    We wold like to be able to run snapchat on our WI-FI (Seperate VLAN). 

    Snapchat says no internet connection when on WI-FI so after some basic troubleshooting it was related to the web protection on the UTM.

    Snapcaht seems to try to access www.feelinsonice.com witch does not resolve on DNS. Tried several public DNS as well.

    Keeping that in mind while reading the log...:

    2017:07:11-13:12:34 sophosgw httpproxy[1595]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="192.168.195.2" dstip="" user="" group="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProContaInterNetwo2 (PROFILENAMECHANGED)" filteraction="REF_HttCffKloofficef (PROFILENAMECHANGED)" size="0" request="0xf6eec00" url="https://www.feelinsonice.com/" referer="" error="Host not found" authtime="0" dnstime="3" cattime="74" avscantime="0" fullreqtime="331702" device="0" auth="0" ua="" exceptions="" category="178" reputation="neutral" categoryname="Internet Services"

     

    The webfilter BLOCKS the connection because it could not resolve DNS.. WHY?

    Off cause this could be a temporary problem with DNS or the app itself (some old hostname it tries to connect to).

    Turning of WEBFILTER makes the app work.

    So the question is why sophos blocks this when it is not a blocked category... it blocks it just because "Host not found".

    Because it is activly blocked (instead of just not found) the app does not work properly.

    I have looked for a feature /setting on the UTM where it should not block "HOST NOT FOUND" situations, but have not found any...