
Trouble with Web Filtering.. maybe

Hi PPL. This is my first post so excuse me if I post in the wrong area etc. I am also VERY new to SOPHOS. I work for a small company and probably overbought, but wanted to get the best bang for the buck.

I am having trouble downloading a Bill of Lading from our freight company. I can access the main site and see our overview of BOLs. When I click to see an individual BOL it comes back with cannot connect. This action is redirected to another URL:8081. I have entered various exceptions and rules for the URL and added the 8081 port to the web surfing Firewall group. I do not see any blocking on the Firewall log or in the Web protection log. If I connect to my wireless (which I set up via the setup wizard), with no added rules for the wireless connection other than what the wizard created, I can pull up the BOL with no trouble. Any ideas? I don't know how to be more specific but I can supply whatever is needed to try and get a solution.

TIA

Cooper



  • Without knowing what you're running your proxy as, transparent/standard etc etc and even if your wireless is surfing through the proxy? I'd check to see if the port is allowed via the target services

     

    Web protection - Filtering Options - Misc

    Add 8081 and see if that works. But there should be a log entry. I'd also try running that through the policy helpdesk and see if it tells you "Target service not allowed".

  • Thanks for the reply. I have tested it and the domain is allowed and the actual URL link to the file is allowed. I have no proxy configured, (or don't know where to look) just took the setup wizard with no content filtering enabled.

    I don't know where else to look to try and find what could be blocking the file. 

    TIA

  • Do you have different DNS assigned when connecting to your wifi (that works) compared to when it doesn't work plugged into your LAN? When it isn't working, can you nslookup that address and it resolves? That site seems to work fine for me (prodintgrtn.cloudapp.net:8081/), it looks like an IIS test page.

     

    Judging by your screenshot you are surfing through the base policy on your proxy, so....something is set up I'm guessing. Web protection, Web filtering and Web Filtering Profiles. I'd also check the web filtering log.

  • First I apologize for asking such newbie setup questions. I am very new to Sophos Verbiage and setup coming from a Netgear Firewall which was a very basic setup compared to this. I ran through the setup wizard and entered all the information I was asked. I am trying to find my DNS settings. I am not having DNS issues first off. Websites are resolving. However I have no DNS forwarders in my setup. I have a check by use forwarders provided by ISP but it states none are assigned. I am assuming I should add my ISP DNS's to the forwarders list.

    I can get to the page listed above, the last screen shot is the direct file link which fails, the same link listed in the 2nd picture which states it is allowed.

    Here is a pic of my DNS forwarders and I do appreciate whatever help I get.

  • I'm not overly concerned about the UTM DNS. Can your PC resolve, what is its DNS setting? The UTM IP is the PC's DNS? I don't think it's a DNS issue either as you can surf the web. Check your web filtering log, intrusion prevention.

  • 192.168.2.1
    8.8.8.8

    Web Filter log:

    2017:01:12-12:40:52 bonesafety httpproxy[5785]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.95" dstip="23.96.6.76" user="" group="" ad_domain="" statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="213" request="0xe09d0400"...
     
    IPS Filter log:
    2017:01:12-10:25:47 bonesafety snort[11473]: Unrecognized records: 151
    2017:01:12-10:25:47 bonesafety snort[11473]: Completed handshakes: 0
    2017:01:12-10:25:47 bonesafety snort[11473]: Bad handshakes: 0
    2017:01:12-10:25:47 bonesafety snort[11473]: Sessions ignored: 4
    2017:01:12-10:25:47 bonesafety snort[11473]: Detection disabled: 0
    2017:01:12-10:25:47 bonesafety snort[11473]: ===============================================================================
    2017:01:12-10:25:47 bonesafety snort[11473]: SIP Preprocessor Statistics
    2017:01:12-10:25:47 bonesafety snort[11473]: Total sessions: 0
    2017:01:12-10:25:47 bonesafety snort[11473]: ===============================================================================
    2017:01:12-10:25:47 bonesafety snort[11473]: Snort exiting
  • DNS is
    192.168.2.1
    8.8.8.8

    No blocked entries in Web Filter log

    No entries in IPS log

  • That's not a lot of information considering you're looking for help here. That's the IP of your UTM? There has to be a difference between your wifi and local LAN since one works and the other doesn't. There will be a log entry, firewall? You're surfing through the basic web profile (proxy) according to your screenshot. Make an exception and try again. Without knowing how you set this thing up, it's you who needs to check your logs and do some really basic troubleshooting. https://www.sophos.com/en/support/documentation/sophos-utm.aspx

    This happens on ALL PCs hardwired on your network, and none of the wireless ones? Or is this one computer? This would probably be easy to figure out, but I don't think you want to pay me to fix it, nor am I local and able to check these things for you.

  • Sorry it's not the information you were expecting.

    I have checked my firewall logs and filtered it on my IP, it does not block anything. I've tested it on several hardwired machines so I feel it is a rule somewhere that's catching it. It works fine on the wireless network. Again I simply used the wizard to create the rules.

    I am going through as many steps as I can to resolve the problem and not just trying to have someone give me the answer. This started two days ago so I've researched for that long before asking for help.

    I'll go through the link you provided and see where that takes me.

    I do appreciate your time and ideas nonetheless.

  • I'd create a web filter exception and see where that takes you. Or you can try turning off web filtering, and try. If that works, your wifi network isn't using the proxy, and I'm guessing you don't want it that way. Is the wifi on the same subnet as the hardwired machines? Or are they different DHCP scopes?

    And if something is blocked somewhere, there will be a log. Are your firewall rules logging, I don't think that is turned on by default? Check every log you can, rinse and repeat.

  • statuscode="302" is a redirect, isn't it? Might not be the URL you think it is, either way a log is somewhere telling you what's going on.

  • The website we log into is a Flash site, then we click the shipment we want to view, then click BOL. This should pull in a new window.

    I enabled the firewall rules like you said.

    I turned off content filtering and tried, failed.

    I created a "firewall off" rule (ANY Source using ANY service to ANY destination). Set it at top. Did not work.

    The Wireless is setup on a different IP scheme than Hard Wired. 

    Here is Web filter log.

    2017:01:12-23:31:39 bonesafety httpproxy[9397]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.12" dstip="23.96.6.76" user="" group="" ad_domain="" statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="213" request="0xd592000" url="tms.eshipmanager.com/.../printdocument.cfm" referer="tms.eshipmanager.com/index.cfm" error="" authtime="0" dnstime="0" cattime="465" avscantime="5806" fullreqtime="33723501" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" exceptions="" category="105" reputation="neutral" categoryname="Business" application="flash" app-id="1128" sandbox="-" content-type="text/plain"

    Weird. Thanks again.
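
Added example, not part of the original thread or of Sophos tooling: a small parser for web filter log lines in the key="value" layout posted above, which lists redirects the proxy passed but for which the same client made no later request through the proxy. The function names, the 10-second window and the sample lines (host names, URLs and addresses are constructed placeholders) are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in the key="value" layout shown in the thread.
# Host names, URLs and IP addresses are placeholders, not thread values.
SAMPLE_LOG = '''\
2017:01:12-23:31:39 utm httpproxy[9397]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.12" dstip="203.0.113.10" statuscode="302" url="http://portal.example.test/printdocument.cfm" error=""
2017:01:12-23:31:40 utm httpproxy[9397]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.30" dstip="203.0.113.10" statuscode="302" url="http://portal.example.test/login.cfm" error=""
2017:01:12-23:31:41 utm httpproxy[9397]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.30" dstip="203.0.113.10" statuscode="200" url="http://portal.example.test/index.cfm" error=""
'''

FIELD_RE = re.compile(r'([\w-]+)="([^"]*)"')
TS_FORMAT = "%Y:%m:%d-%H:%M:%S"


def parse_line(line):
    """Return the line's fields plus a parsed 'ts', or None for non-proxy lines."""
    if "httpproxy[" not in line:
        return None
    rec = dict(FIELD_RE.findall(line))
    rec["ts"] = datetime.strptime(line.split(" ", 1)[0], TS_FORMAT)
    return rec


def orphaned_redirects(log_text, window_seconds=10):
    """List passed 3xx responses with no later proxy request from that client.

    Heuristic: the proxy logged the redirect, but the follow-up request
    never reached it, so the web filter log cannot explain the failure and
    the firewall/packet-filter side is the next place to look.
    """
    recs = [r for r in map(parse_line, log_text.splitlines()) if r]
    window = timedelta(seconds=window_seconds)
    orphans = []
    for i, r in enumerate(recs):
        if r.get("action") != "pass" or not r.get("statuscode", "").startswith("3"):
            continue
        followed = any(
            later.get("srcip") == r.get("srcip") and later["ts"] - r["ts"] <= window
            for later in recs[i + 1:]
        )
        if not followed:
            orphans.append((r.get("srcip"), r["statuscode"], r.get("url")))
    return orphans


if __name__ == "__main__":
    for srcip, code, url in orphaned_redirects(SAMPLE_LOG):
        print(f"{srcip}: {code} on {url}, no follow-up request in the proxy log")
```
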

  • With the wifi and hardwire being on different subnets, that is probably your key. Does each one use the same DNS? Different? Is each one of these subnets listed under the Allowed networks for your default web filter profile? Your web exception was content filtering only? What about antivirus, extensions filtering? Test everything. Again, this is more than likely your setup but you've yet to state anything about your proxy setup and your default web profile.

  • rsenio said:

    With the wifi and hardwire being on different subnets, that is probably your key.

    Does each one use the same DNS? Different?

    Other than the pic below where would I see specific DNS entries for these networks?

    Is each one of these subnets listed under the Allowed networks for your default web filter profile?

    No, only the Internal Network. I have disabled the Web Filtering and it will still not work.

    Your web exception was content filtering only? What about antivirus, extensions filtering?

    Test everything. Again, this is more than likely your setup but you've yet to state anything about your proxy setup and your default web profile.

    Don't know where to find that info sry