Hi.
We have a number of new Sophos XG Firewalls and we are experiencing issues with the Web Filtering aspect as in, it just will not work.
Here is an example of a setup at one of our sites. At this site the below has been configured to allow a residents network with internet access. The devices that connect to this network are BYOD and we have no control over these.
Zone = Resident LAN
Zone Options Selected = DNS / Ping / Web Proxy
Firewall Rule = Resident LAN Internet Access
Firewall Rule Details =
> Source Zone: Resident LAN
> Source Networks: Any
> Destination Zones: WAN
> Destination Networks: Any
Security Features: Web FIltering : Policy No Explicit Content (I used this as an example - We have created our own policy which contains a large number of categories)
Selected Options within Web Filtering (I am not to sure if these are correct)
Block QUIC Protocol - Selected
Scan HTTP and decrypt HPPS - Selected
Use Web Proxy instead of DPI Engine - Selected
Decrypt HTTPS during web proxy filtering - Selected
When I connect a PC to the Resident LAN and test a number of sites which I would assume would be blocked they load without an issue. I can see the sites in question are all HTTPS which is making me think the filter cannot determine its content.
I am not to sure where in the logs to look for this type of thing. It is key that I ensure the residents networks at each of our sites is well protected which I bleieve the Sophos XG could take care of quite easily so it may be something in the configuration I have setup wrong or there may be a better way to do this.
Any advice would be greatly apprecaited.
Many thanks, Dan Hargrove
This thread was automatically locked due to age.
