Application control blocking websites

Hi Kripasindhu Ghosh

Thank you for reaching out to the community, Are you using Sophos XG as a proxy server?

If yes please go to PROTECT--->Web--->General Settings under Web proxy configuration and add port 82 allowed destination ports

If a post solves your question please use the 'Verify Answer' button.

Thanks a lot for your reply. 

I m currently using DPI. When i am disabling the SSL/TLS inspection over DPI , "https://apex.irclass.org:82 " its working.

I was trying to bypass this specific website from DPI using Exclusion by website  but not succeeded. Is there anyway to exclude any specific website from TLS/SSL inspection over DPI ?

Why not create an exception ticking not to use https?

ian

Hello Kripasindhu Ghosh,

DPI engine detects and filters HTTP and SSL/TLS traffic on any port. Where as when enabling the option "Use web proxy instead of DPI engine" under the firewall rule, then the Web proxy transparently handles traffic only on TCP ports 80 and 443 only. 

Alternatively you can also create an exception as suggested by rfcat_vk Under the web > exception > add: skipping the options like HTTPS decryption, HTTPS certificate validation, Malware and content scanning, Zero-day protection & Policy checks. Select the URL pattern matches and add the following regex: ^([A-Za-z0-9.-]*\.)?apex\.irclass\.org:82/

Hello Kripasindhu Ghosh,

DPI engine detects and filters HTTP and SSL/TLS traffic on any port. Where as when enabling the option "Use web proxy instead of DPI engine" under the firewall rule, then the Web proxy transparently handles traffic only on TCP ports 80 and 443 only. 

Alternatively you can also create an exception as suggested by rfcat_vk Under the web > exception > add: skipping the options like HTTPS decryption, HTTPS certificate validation, Malware and content scanning, Zero-day protection & Policy checks. Select the URL pattern matches and add the following regex: ^([A-Za-z0-9.-]*\.)?apex\.irclass\.org:82/