Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 4 subscribers
  • Views 9850 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to configure UTM110/120 to allow downloading from fileshark.pl ?

Ariel Chyłek

Recently I became an owner of 'UTM110/120' device and have home license for it.

I also have a premium membership within https://fileshark.pl/.

Whenever it comes to downloading a hosted file in there from any webbrowser (doesn't matter if it is on my desktop, laptop, or mobile phone connected to my network) it shows loading circle for more than 10 seconds and it fails to download.

I tried to setup a Exception within 'Web Protection > Filtering Options' but it fails.
I even tried to use in 'Network Protection > Firewall' with a new rule to allow downloading files to be downloaded, but it still fails.
It doesn't work for ANY type of files.
I cannot download .avi .doc .txt .mp3 .jpg .mp4 .mpg .xls .docx .xlsx (any type of files really) from that site...

Whenever I want to download any of my uploaded documents/ photos/ music etc. I get to the download page.
When I click the link in https://fileshark.pl/, loading circle spins for over 10 seconds and then it displays blank page with an address:
f1962.s20.fileshark.pl:8086/.../...

What am I doing wrong within Filtering Options with setup exeption (or maybe somewhere else within UTM menu I should look for clues) ?

I added:
^https?://[A-Za-z0-9.-]*.\?fileshark.pl/
^https?://[A-Za-z0-9.-]*\fileshark.pl:[A-Za-z0-9]
f1962.s20.fileshark.pl:8086

I even selected ALL skippings possible, and it still does not want me to download.

Just for the record... when I turn on my 'Avast Secure Line VPN' and connect via it, then it bypass my Sophos UTM9 and allows downloading with no problems.

Also, when I revert back to my old router 'Netgear FVS318v3' it all works fine.



This thread was automatically locked due to age.
  • +1

    Go to log files and open the live log for web filtering, and repeat your test.  Ignore the txt that displays at first, because all that matters are the new entries that will appear.   If you have a busy network, put your ip in the filtet box before tedting, to exclude other traffic.    Using a second pc avoids the problem of your monitoring updates appearing i n the log.  Updates are delayed slightly from tbe live traffuc

    If nothing appears, repeat with the firewall live log.  Traffic flows through onnly one of them, never both

    One podsibility is that it is opening a nonstandard port or that it is opening a port on a very different host name.

  • +1

    The issue is hidden in what you wrote:

    f1962.s20.fileshark.pl:8086/.../...

     

    It is trying to access a webserver over port 8086.  I assume you are using transparent mode, so the web proxy is only looking for traffic on port 80 and 443. I suspect if you looked at the firewall logs you would see the blocked 8086 traffic.  At that point the easiest thing would be to just open this port on the firewall side of things.  Create a service definition for 8086 and a firewall rule.  The traffic will flow over the firewall without going through the web proxy.

    Alternately you can try using standard/explicit mode where the browser is configured to know about the proxy and talks to it over port 8080.  If you do that, I think you'll need to go to filtering options, misc, and add the 8086 service as an allowed service.

  • 0

    Hi Ariel,

    Can you show me a picture of the configured exception policy and relevant log lines from the http.log file. You can grep the logs on the source IP and download a file. Refer, Sophos UTM Logfile information.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to Michael Dunn

    Michael Dunn, thank you, that actually worked :)

    Looked under Firewall Live Log and it was really that port (not sure why I did not try this until now... looked everywhere else, but not for the port)

    Created new 'Service Definition':

    Then created new 'Firewall Rule':

    I am only not sure if it should be with that wide range '1:65535' and if 'Destinations:' should be 'Any'...

    At least it is working now :)
    I can download and upload files (now will apply similar resolution to Google Drive, Dropbox and  Skydrive).

    Thank you

  • 0 in reply to DouglasFoster

    DouglasFoster, thank you.

    That actually helped as I looked only under Web Filtering live log and it showed nothing.

    Not sure why I did not try to look under Firewall Live Log, however, to your suggestion I managed to pinpoint the exact port (even though that port was in front of my eyes the entire time...) .

    Many thanks, sir :)

Unfiltered HTML