This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM running Full Transparent, web filtering not working

I have my UTM (9.404-5) running in full transparent mode.  I have activated web filtering .. but it's not working.  I have put in a website under the "Block these websites" section (www.technewsworld and technewsworld.com) for testing purposes.  No websites are blocked however.  I can browse right to them.

Any suggestions for places to look for incorrect configuration?  My network setup is Cable modem >Cisco router>UTM 9 (Bridged)>Switch>PCs.

Looking at the web filtering live log, I see several entries that say "failed to resolve passthrough6.fw-notify.net"

Thank you .. This is driving me crazy!



This thread was automatically locked due to age.
Parents
  • I'm having the same issue and the same entries in the Web filtering log.

    Here is the Global config...

    Here is the filter config...

    There are dozens of domains in the blacklist, but none are actually being blocked. When I run the domain through the Policy Helpdesk is says it should be blocked but if I browse to the site on a PC I get through just fine.

    Another strange symptom is that when I try to view any of the Web Protection reports there is nothing in the reports. They all say "No data" or "Empty result".

    I have another Sophos appliance at my other location with the exact same settings and it is working fine.

  • Hi Scott,

    Try to add RegEx in place of domain. RegEx for Netflix will be:

    ^https?://([A-Za-z0-9.-]*\.)?www\.netflix\.com/

    Finally, restart httpproxy, take SSH to UTM and execute /var/mdw/scripts/httpproxy restart

     Also, can you post http.log while trying to access netflix.com after making the changes?

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Reply
  • Hi Scott,

    Try to add RegEx in place of domain. RegEx for Netflix will be:

    ^https?://([A-Za-z0-9.-]*\.)?www\.netflix\.com/

    Finally, restart httpproxy, take SSH to UTM and execute /var/mdw/scripts/httpproxy restart

     Also, can you post http.log while trying to access netflix.com after making the changes?

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Children