Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 15 replies
  • Subscribers 1 subscriber
  • Views 12515 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filter blocking Amazon

AaronOsmer
Yesterday my web filter started blocking Amazon. The only way I can seem to fix it is turning off the web filter. I tried creating an exception, but it still wont work. This behaves the same on PC and Mac, but it loads fine on my mobile devices. Any ideas? 

2015:03:02-23:47:00 utm httpproxy[6049]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="192.168.1.10" dstip="205.251.242.103" user="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProGuestNetwo (Private)" filteraction="REF_HttCffPrivate (Private)" size="0" request="0xe39af000" url="www.amazon.com/.../html"

2015:03:02-23:47:05 utm httpproxy[6049]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="192.168.1.10" dstip="176.32.98.166" user="" ad_domain="" statuscode="500" cached="0" profile="REF_HttProGuestNetwo (Private)" filteraction="REF_HttCffPrivate (Private)" size="0" request="0xe38f5800" url="www.amazon.com/.../html"

2015:03:02-23:48:01 utm httpproxy[6049]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="192.168.1.10" dstip="176.32.98.166" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProGuestNetwo (Private)" filteraction="REF_HttCffPrivate (Private)" size="2636" request="0xe3a2b000" url="www.amazon.com/.../html"

2015:03:02-23:51:41 utm httpproxy[6049]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="192.168.1.10" dstip="176.32.98.166" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProGuestNetwo (Private)" filteraction="REF_HttCffPrivate (Private)" size="0" request="0xe3984000" url="www.amazon.com/.../html"


This thread was automatically locked due to age.
  • 0
    Just strange, really strange...  As you probably know from searching this forum, no one else has ever reported a problem like this with Amazon.com.  If burning a new ISO at 
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    The nic idea got me thinking, so I switched my internal/external vnics with each other and like magic it's started working again. Still doesn't explain what was going on, but for now the issue seems to have ironed itself out.

    Thanks again for the help everyone!
  • 0 in reply to AaronOsmer
    The nic idea got me thinking, so I switched my internal/external vnics with each other and like magic it's started working again. Still doesn't explain what was going on, but for now the issue seems to have ironed itself out.

    Thanks again for the help everyone!



    I'm having the same issue running ESXi also.  Will you let me know if you changed your vnics inside vmware or Sophos?

    Thanks
  • 0
    It was the physical hardware NICs that needed to be switched so that the other one was on the WAN connection.  Then, make the change in ESXi.

    Also, the VMXNET3 driver is preferred.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to AaronOsmer
    The nic idea got me thinking, so I switched my internal/external vnics with each other and like magic it's started working again. Still doesn't explain what was going on, but for now the issue seems to have ironed itself out.

    Thanks again for the help everyone!


    Speed / Duplex mismatch with your switch or the ISP CPE -- seen it before, random, random failures to browse (some sites work great, some don't) -- found it to be a speed/duplex mismatch at the physical layer.  Typically locking down speed/duplex settings on both pieces of equipment squares it away.  If you log into the console of the UTM (or in this case, host server), look for excessive CRC errors -- you can also look at your switch statistics if you are using a managed switch.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Unfiltered HTML