This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Accessing WebAdmin through webfilter

Hi,

Why does WebAdmin (TCP/4444) access to another UTM get blocked in the webfilter? I think it should be working since it by default is in the allowed target services list. It does of course work if i create a firewall rule, but what's the reason in having it "allowed" in the webproxy then?

I'm running in transparent mode by the way!

I'm running 9.413 and have tried on 9.509 with same result

Here's the output from the log

2017:06:09-11:29:03 freja httpproxy[13959]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="10.45.15.49" dstip="xxx.xxx.xxx.xxx" user="" group="" ad_domain="" statuscode="500" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (NP Filter)" size="151" request="0xdf29ac00" url="https://xxx.xxx.xxx.xxx/" referer="" error="No route to host" authtime="0" dnstime="0" cattime="45" avscantime="0" fullreqtime="3023512" device="0" auth="0" ua="" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" country="Denmark"



This thread was automatically locked due to age.
Parents
  • Kenneth, are you sure that's the line you meant to show us?  The error is "No route to host" and there's no 4444 in the URL.

    The firewall rule is required because only HTTP and HTTPS are intercepted by the Proxy in Transparent mode.  'Allowed Target Services' is only for 'Standard' mode.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Kenneth, are you sure that's the line you meant to show us?  The error is "No route to host" and there's no 4444 in the URL.

    The firewall rule is required because only HTTP and HTTPS are intercepted by the Proxy in Transparent mode.  'Allowed Target Services' is only for 'Standard' mode.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • Hi Bob,

    Well it was the only line generated in the webproxy log. I was wondering about it as well :)

     

    Ahh okay i didn't knew that. Thanks Bob :)

    Sophos UTM 9.3 Certified Engineer
    Sophos UTM 9.3 Certified Architect
    Sophos XG v.15 Certified Engineer
    Sophos XG v.17 Certified Engineer
    Sophos XG v.17 Certified Architect