This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

error="Timeout while reading response from Server"

Hello. We are running version 9.355-1 and we have errors like:

"name="web request blocked" action="block" method="GET" srcip="internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (Blocked Categories)" size="2567" request="0xb2de000" url="online-update-software.alcatel.com/53875160-eae5-4625-b094-32851b12ea9c.pim" referer="" error="Timeout while reading response from Server" authtime="0" dnstime="777" cattime="82301" avscantime="0" fullreqtime="61041279" device="0" auth="0" ua="OnlineUpdate" exceptions="" category="178" reputation="trusted" categoryname="Internet Services""

for some sites. I tried to run "cc set http response_timeout 120" as root, but I get the response in the attached file.

How can I run the command?

Regards



This thread was automatically locked due to age.
Parents
  • Your screenshot shows a typo.  respone rather than response.

  • Hello. I open the network group for online-update-software.alcatel.com and tried again but nothing. The errors are:

    action="block" method="HEAD" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (Blocked Categories)" size="0" request="0x3e75a800" url="online-update-software.alcatel.com/53875160-eae5-4625-b094-32851b12ea9c.pim" referer="" error="Timeout while reading response from Server" authtime="0" dnstime="1035" cattime="76" avscantime="0" fullreqtime="60642854" device="0" auth="0" ua="OnlineUpdate" exceptions="" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom"

    action="block" method="GET" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (Blocked Categories)" size="2567" request="0x2ce1d800" url="online-update-software.alcatel.com/53875160-eae5-4625-b094-32851b12ea9c.pim" referer="" error="Timeout while reading response from Server" authtime="0" dnstime="1057" cattime="72" avscantime="0" fullreqtime="60757287" device="0" auth="0" ua="OnlineUpdate" exceptions="" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom"

    Regards

  • The traffic is still going through the proxy and there is no exception for antivirus. Try the exception first. In the future, please post complete log lines  including the date and time.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • The traffic is still going through the proxy and there is no exception for antivirus. Try the exception first. In the future, please post complete log lines  including the date and time.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • Hello. I removed Transparent Mode Skiplist exception and left only antivirus exception for online-update-software.alcatel.com. The logs are:

     2016:03:02-14:50:19 athens httpproxy[24587]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (AMY Blocked Categories)" size="5072" request="0x3e62e800" url="online-update-software.alcatel.com/" referer="" error="" authtime="0" dnstime="368" cattime="44" avscantime="0" fullreqtime="459034" device="0" auth="0" ua="" exceptions="av" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom"

     2016:03:02-14:51:19 athens httpproxy[24587]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="HEAD" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (AMY Blocked Categories)" size="0" request="0x236d7000" url="online-update-software.alcatel.com/53875160-eae5-4625-b094-32851b12ea9c.pim" referer="" error="Timeout while reading response from Server" authtime="0" dnstime="620" cattime="37" avscantime="0" fullreqtime="60707376" device="0" auth="0" ua="OnlineUpdate" exceptions="av" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom

    After that I tried with both Transparent Mode Skiplist exception and antivirus exception enabled. The logs are:

    2016:03:02-14:54:31 athens httpproxy[24587]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (Blocked Categories)" size="5072" request="0x3d848800" url="online-update-software.alcatel.com/" referer="" error="" authtime="0" dnstime="7" cattime="35" avscantime="0" fullreqtime="463191" device="0" auth="0" ua="" exceptions="av" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom"

    2016:03:02-14:55:31 athens httpproxy[24587]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="HEAD" srcip="Internal IP" dstip="195.81.235.178" user="" ad_domain="" statuscode="504" cached="0" profile="REF_HttProContaInterNetwo (Blocked Categories)" filteraction="REF_HttCffAmyBlockCateg (Blocked Categories)" size="0" request="0x3e996000" url="online-update-software.alcatel.com/53875160-eae5-4625-b094-32851b12ea9c.pim" referer="" error="Timeout while reading response from Server" authtime="0" dnstime="929" cattime="62" avscantime="0" fullreqtime="60661998" device="0" auth="0" ua="OnlineUpdate" exceptions="av" category="178" reputation="trusted" categoryname="Internet Services" country="United Kingdom"

    Regards

  • The traffic is still being captured by the proxy, so either your entry in the Skiplist has an error or you are not using the proxy in the Transparent mode.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Bob. I uploaded some screenshots to check. Can't see something wrong in the Skiplist or the AV exception.Screenshots.docx

    Regards

  • (Grasping at straws here.)  Does the Alcatel DNS Group definition violate #3 in Rulz? That's in the "Destination" list, right?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Bob. Rule 3 is ok, but I had it at source Networks!!

    I changed it to Skip Transparent Mode Destination Hosts/Nets and tried again. The traffic is not captured any more by web filtering log, but I get the same error message from the application.

    "Timeout during conection to server.  https://online-update-software.alcatel.com/updateservices.asmx"

    Regards

  • Do you get any hints from applying #1 in

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello. I disabled IPS and Advanced Threat Protection but no luck. Will make more tests and see what will happen.

    Thanks for you time and help.

    Regards

  • Did you test from another location without an UTM?

    I had the same problems and tested via Mobile Phone HotSpot: Same error, so I assume it's simply the Alcatel servers having problems, not our UTMs...

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)