Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 10 replies
  • Subscribers 6 subscribers
  • Views 27042 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bridge web protection transparent block traffic http/https

BernardArchambault1

I configured a bridge with UTM9.  Firewall rules ANY ANY. Everyting work Ok when the Web Protection is disabled.

But when i configure Web protection, Full Transparent, i'm not able to surf to internet with my Workstation.

Others protocols like ICMP or FTP work fine. 

Do you know what si the problem ?  All web sites are alloweds in the Default content filter action.



This thread was automatically locked due to age.
Parents
  • 0
    Bernard,

    can you share the web filter live log? Also which ip is set on UTM bridge interface? Default gateway?

    Luk
  • 0 in reply to lferrara

    I'm having the same problem. As soon as I allow "any" for Web filtering, Web traffic stop, but I'm still able to icmp, ftp, rdp, etc. I do not have an IP or gateway configured on the bridge interface because ithe only contains vlans and no untagged traffic. I'm using a separate interface for management access.

  • 0 in reply to ChristianMcDonald

    Hi, Christian, and welcome to the UTM Community!

    If you have the UTM in bridge mode between your network and a router, you must configure the Proxy in "Full Transparent" or "Standard" mode.  In any case, I would never put "Any" in 'Allowed Networks' - always specify your LANs that should have access to the Proxy.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to ChristianMcDonald

    Hi, Christian, and welcome to the UTM Community!

    If you have the UTM in bridge mode between your network and a router, you must configure the Proxy in "Full Transparent" or "Standard" mode.  In any case, I would never put "Any" in 'Allowed Networks' - always specify your LANs that should have access to the Proxy.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson

    Or course ANY is not ideal but for testing it should work. I'm using full transparent mode and as soon as I define allowedo networks I lose Web connectivity. The bridge works fine and I can see traffic passing through the firewall log. Any ideas why turning on Web filtering and assigning allowed networks causes Web connectivity to drop on client devices. The ustream router I'm using is pfSense. I'm testing out Sophos as a just a Web filter.

Unfiltered HTML