Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 40 replies
  • Answers 2 answers
  • Subscribers 40 subscribers
  • Views 96629 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Streaming Services Blocked

StephenBurton

"Reopening" this thread since it is a ongoing issue. As others have already experienced, I'm running into the same streaming issues. Netflix, PluralSite, and other streaming services won't work on AppleTV, Wii, Samsung Smart TVs, Apple iPad, and Apple iPhones but does through a web browser. Also, audio streams won't stream properly (constantly restart) and PlayStation updates won't download properly (get 175% download messages before throwing an error).  Lastly, I cannot login to some banking websites and have difficulties with content downloading on other reputable sites.

So, as others have, I created a profile which filters based off of MAC address and has malware scanning and web scanning is turned off - so essentially everything that you want in a modern security appliance turned off. Most of the systems began to work, but Netflix on the Wii still does not work (streams get to 100% but never start. I also tried the Netflix filters used on the UTM but as other have experience this does not work on the XG).

Also as others have experienced, no useful log files are created as to what it getting blocked, either Malware or web filtering of any type kills any stream (even simple filters such as blocking webmail will kill a stream - seems to be a issue with the scan engine itself and nothing to do with the content.) 

Obviously this is a serious issue that needs to be addressed as I can purchase a $50 firewall from Walmart that will work better than the XG currently is. Don't get me wrong, I'm a Sophos fan, but this has been an ongoing problem for way too long. What's the plan for this to be fixed? My definition of "fixed" is the ability to have malware scanning and web filtering enabled on devices that stream content. It needs to work this way because a large number of devices stream content and disabling malware scanning and/or web filtering is not on option. 

Has anyone else had better luck with streaming content on the XG with security enabled? I'd like to move back to the UTM firewall, however streaming doesn't work that well on that platform either. 



This thread was automatically locked due to age.
Parents
  • 0
    I think I may have a similar issue. I just purchased and installed the XG 135. Except for me it is using iTunes on a Mac and trying to play iTunes content. The only thing that works is to turn off all FTP, HTTP (and HTTPS), Intrusion Prevention and Web Filters in the policy. Of course, that is not really why I paid for a UTM/NGFW solution. From other issues I have, even though I have HTTPS scanning turned off, I think it is still using the internal proxy to intercept SSL traffic to decrypt and scan for antivirus if any of those are turned on. The logs in XG are almost useless. That is not a better feature over UTM. Overall, after 3 days of trying to figure out what it is doing, I am really frustrated and becoming very disappointed in Sophos XG.
Reply
  • 0
    I think I may have a similar issue. I just purchased and installed the XG 135. Except for me it is using iTunes on a Mac and trying to play iTunes content. The only thing that works is to turn off all FTP, HTTP (and HTTPS), Intrusion Prevention and Web Filters in the policy. Of course, that is not really why I paid for a UTM/NGFW solution. From other issues I have, even though I have HTTPS scanning turned off, I think it is still using the internal proxy to intercept SSL traffic to decrypt and scan for antivirus if any of those are turned on. The logs in XG are almost useless. That is not a better feature over UTM. Overall, after 3 days of trying to figure out what it is doing, I am really frustrated and becoming very disappointed in Sophos XG.
Children
  • 0 in reply to GaryChancellor
    A small update. I am able to leave Intrusion Prevention turned on (everything else turned off) with the generalpolicy setting and it does work. However, if I turn on even "Allow All" web filter, it quits working again. Make any sense to anybody else?
  • 0 in reply to GaryChancellor
    Well.. I found another issue. I needed to raise a support issue with Microsoft and was told to use the following link :- https://t.co/9lfxjwjfgD however, this link refuses to work and just times out. Transpires that IPS blocks it somehow. I switched off IPS and now can access it. It's becoming a bit of a pain trying to figure out what issues are - there doesn't appear to be any real time log which would make troubleshooting so much easier. I'm now in a situation where I have had to turn off all scanning, IPS, Webfilter. How long before I discover something that means I need to turn off Application Filter too? :-)
  • 0 in reply to psykix
    Sorry.. should clarify that the link I posted above works, but then trying to click the Get Help Now link on that page times out. Turning off IPS makes the link work.
  • 0 in reply to psykix
    Hi,
    without wanting to seem rude, your config is screwed. I clicked on the url you posted and I went straight to the MS site. I will admit i have spent a long time getting this configuration to where it will work. I have ATP, IPS scanning but not of https, dual antivirus, no ads or explicit sites. Also I am using clientless devices.
  • 0 in reply to IanMorehouse
    Yeah, I posted a clarification but it's pending moderator approval. The link I posted works fine, but the subsequent Get Help Now link (bloke with headset) doesn't work unless you turn off IPS.