Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 10 replies
  • Subscribers 2 subscribers
  • Views 12576 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Proceed button on Warn not working

jazzoberoi
Hi Guys,

Using the 9.310-11 firmware with Standard AD-SSO profile.

My issue is that when the users get a 'Content Warn' page with the proceed button, clicking on the proceed button seems to have no effect. The same 'Content Warn' page is loaded repeatedly.

2015:04:27-16:58:50 dvicsophosutm01-1 httpproxy[6336]: id="0072" severity="info" sys="SecureWeb" sub="http" name="Contentfilter warned and proceeded" url="mega.co.nz/" srcip="10.0.30.49" category="170" categoryname="Personal Network Storage" 
2015:04:27-16:58:50 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0x92c8800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:50 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0x92c8800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:50 dvicsophosutm01-1 httpproxy[6336]: id="0071" severity="info" sys="SecureWeb" sub="http" name="web request warned, forbidden category detected" action="warn" method="GET" srcip="10.0.30.49" dstip="" user="testaccount" ad_domain="AD" statuscode="403" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction="REF_DefaultHTTPCFFAction (Decon - Employee Internet - Action)" size="3339" request="0x92c8800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" reason="category" category="170" reputation="trusted" categoryname="Personal Network Storage" 
2015:04:27-16:58:51 dvicsophosutm01-1 httpproxy[6336]: id="0072" severity="info" sys="SecureWeb" sub="http" name="Contentfilter warned and proceeded" url="mega.co.nz/" srcip="10.0.30.49" category="170" categoryname="Personal Network Storage" 
2015:04:27-16:58:51 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0xcdd29800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:51 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0xcdd29800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:51 dvicsophosutm01-1 httpproxy[6336]: id="0071" severity="info" sys="SecureWeb" sub="http" name="web request warned, forbidden category detected" action="warn" method="GET" srcip="10.0.30.49" dstip="" user="testaccount" ad_domain="AD" statuscode="403" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction="REF_DefaultHTTPCFFAction (Decon - Employee Internet - Action)" size="3339" request="0xcdd29800" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" reason="category" category="170" reputation="trusted" categoryname="Personal Network Storage" 
2015:04:27-16:58:52 dvicsophosutm01-1 httpproxy[6336]: id="0072" severity="info" sys="SecureWeb" sub="http" name="Contentfilter warned and proceeded" url="mega.co.nz/" srcip="10.0.30.49" category="170" categoryname="Personal Network Storage" 
2015:04:27-16:58:52 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0xe5905000" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:52 dvicsophosutm01-1 httpproxy[6336]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction=" ()" size="2681" request="0xe5905000" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" 
2015:04:27-16:58:52 dvicsophosutm01-1 httpproxy[6336]: id="0071" severity="info" sys="SecureWeb" sub="http" name="web request warned, forbidden category detected" action="warn" method="GET" srcip="10.0.30.49" dstip="" user="testaccount" ad_domain="AD" statuscode="403" cached="0" profile="REF_HttProContaInterHp5 (Employee (Standard) Proxy Profile)" filteraction="REF_DefaultHTTPCFFAction (Decon - Employee Internet - Action)" size="3339" request="0xe5905000" url="mega.co.nz/.../7.0; rv:11.0) like Gecko" exceptions="" reason="category" category="170" reputation="trusted" categoryname="Personal Network Storage" 


What can be the issue ? However, the same thing works in Transparent AD-SSO mode.

2015:04:27-17:05:21 dvicsophosutm01-1 httpproxy[6336]: id="0072" severity="info" sys="SecureWeb" sub="http" name="Contentfilter warned and proceeded" url="mega.co.nz/" srcip="10.0.30.49" category="170" categoryname="Personal Network Storage" 
2015:04:27-17:07:13 dvicsophosutm01-1 httpproxy[6336]: id="0072" severity="info" sys="SecureWeb" sub="http" name="Contentfilter warned and proceeded" url="www.sugarsync.com/" srcip="10.0.30.49" category="170" categoryname="Personal Network Storage" 
2015:04:27-17:07:16 dvicsophosutm01-1 httpproxy[6336]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffDeconBaseEmplo (Decon (Base) - Employee Internet - Action)" size="0" request="0x8ce7000" url="stats.g.doubleclick.net/" referer="" error="" authtime="0" dnstime="0" cattime="96099" avscantime="0" fullreqtime="309502" device="1" auth="2" ua="" exceptions="" reason="category" category="154" reputation="neutral" categoryname="Web Ads" 
2015:04:27-17:07:16 dvicsophosutm01-1 httpproxy[6336]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffDeconBaseEmplo (Decon (Base) - Employee Internet - Action)" size="0" request="0xe595e800" url="stats.g.doubleclick.net/" referer="" error="" authtime="1" dnstime="0" cattime="95930" avscantime="0" fullreqtime="312237" device="1" auth="2" ua="" exceptions="" reason="category" category="154" reputation="neutral" categoryname="Web Ads" 
2015:04:27-17:07:16 dvicsophosutm01-1 httpproxy[6336]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="CONNECT" srcip="10.0.30.49" dstip="" user="" ad_domain="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffDeconBaseEmplo (Decon (Base) - Employee Internet - Action)" size="0" request="0xe5905000" url="stats.g.doubleclick.net/" referer="" error="" authtime="0" dnstime="0" cattime="71" avscantime="0" fullreqtime="208278" device="1" auth="2" ua="" exceptions="" reason="category" category="154" reputation="neutral" categoryname="Web Ads" 


This thread was automatically locked due to age.
Parents
  • 0
    This happens with any web browser. I was with Sophos Support trying to resolve this issue last night.. Although its not yet resolved whats interesting is that the SEC based Endpoint Protection (which i've integrated with the UTM for web categories) seems to be intercepting the web traffic and causing a conflict !!

    If i switch the SEC Endpoint protection to SEC standalone, this does not happen. Otherwise, i keep getting the 'Warn' page over and over again !
Reply
  • 0
    This happens with any web browser. I was with Sophos Support trying to resolve this issue last night.. Although its not yet resolved whats interesting is that the SEC based Endpoint Protection (which i've integrated with the UTM for web categories) seems to be intercepting the web traffic and causing a conflict !!

    If i switch the SEC Endpoint protection to SEC standalone, this does not happen. Otherwise, i keep getting the 'Warn' page over and over again !
Children
No Data
Unfiltered HTML