Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 10 replies
  • Subscribers 2 subscribers
  • Views 12579 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Proceed button on Warn not working

jazzoberoi
Hi Guys,

Using the 9.310-11 firmware with Standard AD-SSO profile.

My issue is that when the users get a 'Content Warn' page with the proceed button, clicking on the proceed button seems to have no effect. The same 'Content Warn' page is loaded repeatedly.

2015:04:27-16:58:50 dvicsophosutm01-1 httpproxy[6336]: id="0072" severity="info" sys="SecureWeb" sub="http" name="Contentfilter warned and proceeded" url="mega.co.nz/" srcip="10.0.30.49" category="170" categoryname="Personal Network Storage" 
2015:04:27-16:58:50 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0x92c8800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:50 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0x92c8800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:50 dvicsophosutm01-1 httpproxy[6336]: id="0071" severity="info" sys="SecureWeb" sub="http" name="web request warned, forbidden category detected" action="warn" method="GET" srcip="10.0.30.49" dstip="" user="testaccount" ad_domain="AD" statuscode="403" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction="REF_DefaultHTTPCFFAction (Decon - Employee Internet - Action)" size="3339" request="0x92c8800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" reason="category" category="170" reputation="trusted" categoryname="Personal Network Storage" 
2015:04:27-16:58:51 dvicsophosutm01-1 httpproxy[6336]: id="0072" severity="info" sys="SecureWeb" sub="http" name="Contentfilter warned and proceeded" url="mega.co.nz/" srcip="10.0.30.49" category="170" categoryname="Personal Network Storage" 
2015:04:27-16:58:51 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0xcdd29800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:51 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0xcdd29800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:51 dvicsophosutm01-1 httpproxy[6336]: id="0071" severity="info" sys="SecureWeb" sub="http" name="web request warned, forbidden category detected" action="warn" method="GET" srcip="10.0.30.49" dstip="" user="testaccount" ad_domain="AD" statuscode="403" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction="REF_DefaultHTTPCFFAction (Decon - Employee Internet - Action)" size="3339" request="0xcdd29800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" reason="category" category="170" reputation="trusted" categoryname="Personal Network Storage" 
2015:04:27-16:58:52 dvicsophosutm01-1 httpproxy[6336]: id="0072" severity="info" sys="SecureWeb" sub="http" name="Contentfilter warned and proceeded" url="mega.co.nz/" srcip="10.0.30.49" category="170" categoryname="Personal Network Storage" 
2015:04:27-16:58:52 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0xe5905000" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:52 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0xe5905000" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:52 dvicsophosutm01-1 httpproxy[6336]: id="0071" severity="info" sys="SecureWeb" sub="http" name="web request warned, forbidden category detected" action="warn" method="GET" srcip="10.0.30.49" dstip="" user="testaccount" ad_domain="AD" statuscode="403" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction="REF_DefaultHTTPCFFAction (Decon - Employee Internet - Action)" size="3339" request="0xe5905000" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" reason="category" category="170" reputation="trusted" categoryname="Personal Network Storage" 


What can be the issue ? However, the same thing works in Transparent AD-SSO mode.

2015:04:27-17:05:21 dvicsophosutm01-1 httpproxy[6336]: id="0072" severity="info" sys="SecureWeb" sub="http" name="Contentfilter warned and proceeded" url="mega.co.nz/" srcip="10.0.30.49" category="170" categoryname="Personal Network Storage" 
2015:04:27-17:07:13 dvicsophosutm01-1 httpproxy[6336]: id="0072" severity="info" sys="SecureWeb" sub="http" name="Contentfilter warned and proceeded" url="www.sugarsync.com/" srcip="10.0.30.49" category="170" categoryname="Personal Network Storage" 
2015:04:27-17:07:16 dvicsophosutm01-1 httpproxy[6336]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffDeconBaseEmplo (Decon (Base) - Employee Internet - Action)" size="0" request="0x8ce7000" url="stats.g.doubleclick.net/" referer="" error="" authtime="0" dnstime="0" cattime="96099" avscantime="0" fullreqtime="309502" device="1" auth="2" ua="" exceptions="" reason="category" category="154" reputation="neutral" categoryname="Web Ads" 
2015:04:27-17:07:16 dvicsophosutm01-1 httpproxy[6336]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffDeconBaseEmplo (Decon (Base) - Employee Internet - Action)" size="0" request="0xe595e800" url="stats.g.doubleclick.net/" referer="" error="" authtime="1" dnstime="0" cattime="95930" avscantime="0" fullreqtime="312237" device="1" auth="2" ua="" exceptions="" reason="category" category="154" reputation="neutral" categoryname="Web Ads" 
2015:04:27-17:07:16 dvicsophosutm01-1 httpproxy[6336]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffDeconBaseEmplo (Decon (Base) - Employee Internet - Action)" size="0" request="0xe5905000" url="stats.g.doubleclick.net/" referer="" error="" authtime="0" dnstime="0" cattime="71" avscantime="0" fullreqtime="208278" device="1" auth="2" ua="" exceptions="" reason="category" category="154" reputation="neutral" categoryname="Web Ads" 


This thread was automatically locked due to age.
Parents
  • 0
    if you are using standard mode you have to tell the machines where the proxy is and on what port.  This is usually accomplished via Group Policy(as in the case of your ADSSO setup).  IN transparent mode the proxy automatically grabs port 80 traffic so there's no client configuration needed.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Reply
  • 0
    if you are using standard mode you have to tell the machines where the proxy is and on what port.  This is usually accomplished via Group Policy(as in the case of your ADSSO setup).  IN transparent mode the proxy automatically grabs port 80 traffic so there's no client configuration needed.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Children
No Data
Unfiltered HTML