Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 4 subscribers
  • Views 42094 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

error="Timeout while reading response from Server"

band

Hello. We are running version 9.355-1 and we have errors like:

"name="web request blocked" action="block" method="GET" srcip="internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (Blocked Categories)" size="2567" request="0xb2de000" url="online-update-software.alcatel.com/53875160-eae5-4625-b094-32851b12ea9c.pim" referer="" error="Timeout while reading response from Server" authtime="0" dnstime="777" cattime="82301" avscantime="0" fullreqtime="61041279" device="0" auth="0" ua="OnlineUpdate" exceptions="" category="178" reputation="trusted" categoryname="Internet Services""

for some sites. I tried to run "cc set http response_timeout 120" as root, but I get the response in the attached file.

How can I run the command?

Regards



This thread was automatically locked due to age.
  • 0

    Thanks for posting your question here, George.

    statuscode="504" [...] fullreqtime="61041279" means the server doesn't play well with proxies and that the proxy timed out after sixty seconds.  If the timeout were increased, the result would be the same.  With this error, if creating an Exception for Anti-Virus for online-update-software.alcatel.com doesn't solve the problem, then you'll need to skip the proxy for that FQDN.  In Transparent mode, this is done by adding a DNS Group for the FQDN to the Transparent Mode Skiplist.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Bob, I had several cases with my clients in the past where increasing this timeout value actually resolved the problem.

    In almost all of the cases problem was related with B2B online portals or Government sites, while searching for a query where local database services and Internet links were not optimized for a heavy traffic:

    Last time I run that command was with 9.315 firmware version, will try it in my lab environment with the latest one.

  • 0

    Your screenshot shows a typo.  respone rather than response.

  • 0 in reply to Michael Dunn

    Hello. I open the network group for online-update-software.alcatel.com and tried again but nothing. The errors are:

    action="block" method="HEAD" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (Blocked Categories)" size="0" request="0x3e75a800" url="online-update-software.alcatel.com/53875160-eae5-4625-b094-32851b12ea9c.pim" referer="" error="Timeout while reading response from Server" authtime="0" dnstime="1035" cattime="76" avscantime="0" fullreqtime="60642854" device="0" auth="0" ua="OnlineUpdate" exceptions="" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom"

    action="block" method="GET" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (Blocked Categories)" size="2567" request="0x2ce1d800" url="online-update-software.alcatel.com/53875160-eae5-4625-b094-32851b12ea9c.pim" referer="" error="Timeout while reading response from Server" authtime="0" dnstime="1057" cattime="72" avscantime="0" fullreqtime="60757287" device="0" auth="0" ua="OnlineUpdate" exceptions="" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom"

    Regards

  • 0 in reply to Michael Dunn

    Hello Michael, you are right about the typo, but increasing the timeout didn't solve the problem as Balfson said.

    Regards

  • 0 in reply to band

    The traffic is still going through the proxy and there is no exception for antivirus. Try the exception first. In the future, please post complete log lines  including the date and time.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello. I removed Transparent Mode Skiplist exception and left only antivirus exception for online-update-software.alcatel.com. The logs are:

     2016:03:02-14:50:19 athens httpproxy[24587]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (AMY Blocked Categories)" size="5072" request="0x3e62e800" url="online-update-software.alcatel.com/" referer="" error="" authtime="0" dnstime="368" cattime="44" avscantime="0" fullreqtime="459034" device="0" auth="0" ua="" exceptions="av" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom"

     2016:03:02-14:51:19 athens httpproxy[24587]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="HEAD" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (AMY Blocked Categories)" size="0" request="0x236d7000" url="online-update-software.alcatel.com/53875160-eae5-4625-b094-32851b12ea9c.pim" referer="" error="Timeout while reading response from Server" authtime="0" dnstime="620" cattime="37" avscantime="0" fullreqtime="60707376" device="0" auth="0" ua="OnlineUpdate" exceptions="av" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom

    After that I tried with both Transparent Mode Skiplist exception and antivirus exception enabled. The logs are:

    2016:03:02-14:54:31 athens httpproxy[24587]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (Blocked Categories)" size="5072" request="0x3d848800" url="online-update-software.alcatel.com/" referer="" error="" authtime="0" dnstime="7" cattime="35" avscantime="0" fullreqtime="463191" device="0" auth="0" ua="" exceptions="av" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom"

    2016:03:02-14:55:31 athens httpproxy[24587]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="HEAD" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (Blocked Categories)" size="0" request="0x3e996000" url="online-update-software.alcatel.com/53875160-eae5-4625-b094-32851b12ea9c.pim" referer="" error="Timeout while reading response from Server" authtime="0" dnstime="929" cattime="62" avscantime="0" fullreqtime="60661998" device="0" auth="0" ua="OnlineUpdate" exceptions="av" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom"

    Regards

  • 0 in reply to band

    The traffic is still being captured by the proxy, so either your entry in the Skiplist has an error or you are not using the proxy in the Transparent mode.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello Bob. I uploaded some screenshots to check. Can't see something wrong in the Skiplist or the AV exception.Screenshots.docx

    Regards

  • 0 in reply to band

    (Grasping at straws here.)  Does the Alcatel DNS Group definition violate #3 in Rulz? That's in the "Destination" list, right?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML