Hello forum,
I have a working UTM9 cluster with no (relevant) issues. I created the exactly same configuration on a "test" UTM9 cluster (same exceptions, same configuration, same everything). I use my valid account and my test account on the test environment. Everything works like on the production one except one thing. If my valid user starts his Outlook client (mailbox in Office365) I receive a security warning about untrusted certificate. Which is odd due some settings: 1: there is an exception list regarding O365, 2: no HTTPS scanning is enabled, 3: the domain certificate added to the UTM (Web Protection -> HTTPS CAs -> Local verification CAs - my domain wide CA is added and enabled)
If I log in with my test account the popup never appear. I checked (I think) everything on the AD level and the two account are the same (same OU, same GPO settings, same AD group membership, etc).
If I click on the Yes or on No on the security popup, the popup disappear and Outlook client works like a charm with no issues. BUT that's not the expected way of working.
I checked back and forth but didn't found the root cause. found no differences between the production and the test environment.
And as an addendum the "problematic" site is not exists so see no reason why UTM want to apply a certificate for this (there is a companyname.mail.onmicrosoft.com site which not exists and an autodiscover.companyname.mail.onmicrosoft.com which is working)
2017:03:03-11:14:33 dubproxy02 httpproxy[6888]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="10.64.242.16" dstip="" user="" group="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProContaInterNetwo (DUBPROXY.users)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2512" request="0x1459a600" url="comapnyname.mail.onmicrosoft.com/" referer="" error="Host not found" authtime="0" dnstime="975" cattime="0" avscantime="0" fullreqtime="210213" device="0" auth="2" ua="" exceptions="av,auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
This thread was automatically locked due to age.