This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to access a certain website

Hello Team,

 

We are having issues accesing a particular website from behind our firewall SOPHOS UTM.

When contacted support the guy told me that it is taking more than the fulreqtime defined internally on sophos and hence it is getting dropped with an error message "Connection to server Timed Out".

We checked with our ISP which is Orange and they confirmed that there is no such issue.Also when we try browsing that website from anywhere else the page loads up in less than a second hence I really do not understand how could the ISP be the cause and that too specefically with my firewall. Below are the logs :

 

2017:09:26-15:05:54 sg650n1-1 httpproxy[30103]: "id=0002 "severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="1x.x.x.7x" dstip="164.2.244.26" user="" group="" ad_domain="" statuscode="504" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0xc1a3c000" url="www.aphp.fr/favicon.ico" referer="" error="Connection to server timed out" authtime="0" dnstime="128" cattime="94" avscantime="0" "fullreqtime=60882640 "device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0" exceptions=""

 

Please help.



This thread was automatically locked due to age.
Parents
  • Hi, Addy, and welcome to the UTM Community!

    When you see a statuscode in the 500 range, the first thing to try is an Exception for Antivirus.  If that doesn't work, you must skip the proxy for the site in question.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Bob,

     

    Thank you for the response. I tried that by looking on your other posts but even bypassing the AV or un selecting the proxy under web filtering did not help. Apparently the support guys told me that it is the fullreqtime which is been met and hence the traffic is dropped. He somehow thinks that this is an issue with the ISP but its kindda not very convincing that a web site which is opening in less than a second from outside the network is dropped by sophos due to high response time.

    And just to be sure the proxy that you are talking about is the  one under Web protection > Web Filtering and then the https tab >>>" Do not proxy HTTPS traffic in transparent mode"

    I will look forward to your feedback.

    Thanks,

    Addy

Reply
  • Hello Bob,

     

    Thank you for the response. I tried that by looking on your other posts but even bypassing the AV or un selecting the proxy under web filtering did not help. Apparently the support guys told me that it is the fullreqtime which is been met and hence the traffic is dropped. He somehow thinks that this is an issue with the ISP but its kindda not very convincing that a web site which is opening in less than a second from outside the network is dropped by sophos due to high response time.

    And just to be sure the proxy that you are talking about is the  one under Web protection > Web Filtering and then the https tab >>>" Do not proxy HTTPS traffic in transparent mode"

    I will look forward to your feedback.

    Thanks,

    Addy

Children
  • The line you showed from the Web Filtering log was not the one that corresponds to the picture.  I'm able to access aphp.fr sans problemes, but I see a statuscode="404" (not found) in the log for an attempt to get favicon.ico.  Please show a picture of the approach you tried to skip the Proxy as a block by Web Filtering demonstrates that there was some issue with the way you tried to skip the Proxy.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Bob,

     

    Kindly find attached the screenshot of the place where I tried skipping the destination.

     

    Thanks,

    Addy

  • Please confirm that Web Filtering is in Transparent mode.  It's not clear that "GRP - All VLAN" includes the website you wanted to skip the Proxy.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA