Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 29 subscribers
  • Views 2629 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Google / Yahoo / Rediffmail going to "Uncategorized"

Ajay Sharma1

I've a XG105 (SFOS 17.0.6 MR-6), I'm facing a strange problem, I've created clientless Users and applied web policy on the User Groups.

Created Firewall Rules for the users (Screenshot attached). My problems are as below :

1. User complain about no internet access, if i turn the LAN_WAN rule off.

2. Even after keeping the rule on, websites such as Google /Rediff / Yahoo etc. are categorized under web Category "Uncategorized".

I want to implement restrict certain users from accessing Internet and allow internet access as per users work profile (as you can see the firewall rules are).



This thread was automatically locked due to age.
  • 0

    Hello Ajay,

    It does seem that the lookup failed to categorize your websites. How often were you able to recreate the issue? Could you please check by changing the DNS server on the firewall?

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Aditya Patel

    Hello Aditya,

     

    This is a permanent issue, I had to allow Uncategorized web category in the Web policy. I even tried by creiting a custom Web policy and adding the necessary websites in Exception. But to no avail.

     

    DNS Servers I've tried :

    Open DNS / Google DNS / Cloudflare / Norton Connectsafe Its all the same.

  • 0 in reply to Ajay Sharma1

    Where are your servers configured eg the XG? Does the XG use the same DNS as the users?

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Hello Ian,

     

    My XG uses the same DNS as the users. We dont have DNS server in our environment.

  • 0 in reply to Ajay Sharma1

    Hi Ajay,

    to me it looks like a DNS issue. Do your users use the XG as a DNS or are they configured to use a DNS from the DHCP server.

    The issue looks very much like the XG is not updating the URL check at the same time as the users are and so you are getting unclassified results.

    Ian

     

    edited - fixed spelling errors

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    I've not implemented the DHCP Server in the network. I get these results when I go for URL Category Lookup in Diagnostics on Sophos XG. Screenshot Attached.

     

    I'm planning to upgrade SFOS to HW-17.5.3_MR-3 from the current 17.0.6-MR6, lets see if that makes any difference.

     

  • 0 in reply to Ajay Sharma1

    Hi,

    please post a screen shot of your XG DNS settings.

    Thank you.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0

    I think you have two problems.  Most likely related, though it is not obvious how.

     

    1) You are not matching the rules you expect.  Take a look at the grey in/out on each rule.  See how your last LAN/WAN rule has so much traffic?  Is that expected?  If all the prior rules apply only to certain users/groups you may have an authentication problem.

     

    2) You have a categorization problem.

    Can you drop into command line?
    What is in /log/nSXLd.log
    Can you ping 4.sophosxl.net 

Cookie Information Banner