HTTPS "URL filtering only" option enabled shows ssl warnings on all https websites or the page cannot be displayed after a while.

Question

Enviroment: HOME sophos UTM 9.506-2 on Hyper-V. UTM is behind NAT Sophos UTM upgraded from 9.505-4 to 9.506-2 9.505-4: no problem 9.506-2: webfilter problem (see below) Problem: HTTPS "URL filtering only" option enabled shows ssl warnings on all https websites or the page cannot be displayed after a while. It looks like when using two networks in one and the same default webfilter profile the problem occurs. 
 Problem is resolved when: "Do not proxy HTTPS traffic in transparent mode" is enabled Problem is temporary resolved when: UTM is rebooted (but after a while the problem is back again and HTTPS sites shows unsafe SSL warning) Problem is solved for good when two seperated Web Filter Profiles are created for each network: 
 Can somebody tell me why this is happening? Thanks! Regards, Stephan

Stephan Stoke · Answer

Hi Ian, That's the funny thing. I was testing if it was capable to loopback the traffic and it does :) When I change the gateway of a client on the 192 network to the 192 gateway of the UTM the traffic will go through the UTM. Also with WAF the traffic from the WAN (ISP router) to the UTM then loopsback to the Service in the 192 network. I agree that this solution is not the most logical and absolutely not recommended for business but for a home network it's working just fine. But mabey not for web filter anymore? Regards.

BAlfson · Answer

I have to agree with Ian, Stephan. In fact, if you can't put the UTM at the edge where it can get a public IP, I would bridge the two interfaces and change the topology so that everything is behind it. In that way, you can use Web Filtering in Transparent mode for all of your web traffic. Since the UTMs interfaces are bridged, I would use 'Full Transparent' mode. With that choice, the HTTP Proxy doesn't masquerade the web requests. 
 Cheers - Bob PS Moving this thread to the Web Filtering forum.