
Proxy "Connection Refused" in Web Filtering

Hello,

I am using a Sophos UTM as a proxy for some of my web traffic. I have set up the proxy and configured web protection to allow the connections; however, I am getting errors in the log such as the one below (I have replaced the IP addresses):

 

2017:06:01-11:58:04 ppnsophos02 httpproxy[23171]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="XX.XX.XX.XX" dstip="YY.YY.YY.YY" user="" group="" ad_domain="" statuscode="500" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x8f00000" url="https://mywebsite.com:52495/" referer="" error="Connection refused" authtime="0" dnstime="1" cattime="0" avscantime="0" fullreqtime="343" device="0" auth="0" ua="" exceptions=""

Could anyone help me out with this one?

Thanks in advance.



  • The URL is using an alternate port. The port needs to be permitted on the Misc tab of Filtering options.

    Have you done this?

  • Thanks for the Speedy Response Douglas.

    It's not that; I have permitted all of the requested services in the Filtering Options -> Misc tab.

    Previously I was getting a "Target service not allowed" error, which was addressed by allowing the services.

    Kind Regards

  • Then it is probably a ciphersuite incompatibility, on the assumption that HTTPS inspection is active.

    UTM dropped all support for TLS 1.0, but some older servers do not support TLS 1.2.

    Try disabling HTTPS inspection for this site and retest. If my theory is correct, Chrome should give you a "not secure" warning in the address bar, but will let you connect.

    You can also try testing the site using the server test option at ssllabs.com, but it may not work on nonstandard ports.
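
Added example, not part of the original thread: a small Python parser for the httpproxy log format quoted in the question. It extracts the destination host, port and error of each blocked request and attaches the check suggested in the replies; the function names and the hint table are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# The log line from the question, trimmed to the fields used below
# (addresses are masked as in the original post).
SAMPLE = (
    '2017:06:01-11:58:04 ppnsophos02 httpproxy[23171]: id="0002" '
    'severity="info" sys="SecureWeb" sub="http" name="web request blocked" '
    'action="block" method="CONNECT" srcip="XX.XX.XX.XX" dstip="YY.YY.YY.YY" '
    'statuscode="500" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" '
    'url="https://mywebsite.com:52495/" error="Connection refused" fullreqtime="343"'
)

HEADER_RE = re.compile(r'^(\S+) (\S+) httpproxy\[(\d+)\]: ')
FIELD_RE = re.compile(r'(\w+)="([^"]*)"')  # values may contain spaces and parentheses

# Next checks taken from the replies in this thread, keyed by the error= value.
HINTS = {
    "Target service not allowed": "permit the port under Filtering Options -> Misc",
    "Connection refused": "retest with HTTPS inspection disabled for this site",
}

def parse_line(line):
    """Split one httpproxy line into its header and key="value" fields."""
    m = HEADER_RE.match(line)
    if not m:
        raise ValueError("not an httpproxy log line")
    rec = dict(FIELD_RE.findall(line[m.end():]))
    rec["timestamp"], rec["host"] = m.group(1), m.group(2)
    return rec

def triage(rec):
    """Return (host, port, error, hint) for a blocked request, else None."""
    if rec.get("action") != "block":
        return None
    url = urlsplit(rec.get("url", ""))
    # Fall back to the scheme's default port when the URL does not name one.
    port = url.port or {"https": 443, "http": 80}.get(url.scheme)
    error = rec.get("error", "")
    hint = HINTS.get(error, "no suggestion in this thread for this error")
    if port and port not in (80, 443):
        hint += f" (nonstandard port {port})"
    return url.hostname, port, error, hint

if __name__ == "__main__":
    print(triage(parse_line(SAMPLE)))
```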
