Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 40 replies
  • Answers 2 answers
  • Subscribers 40 subscribers
  • Views 96629 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Streaming Services Blocked

StephenBurton

"Reopening" this thread since it is a ongoing issue. As others have already experienced, I'm running into the same streaming issues. Netflix, PluralSite, and other streaming services won't work on AppleTV, Wii, Samsung Smart TVs, Apple iPad, and Apple iPhones but does through a web browser. Also, audio streams won't stream properly (constantly restart) and PlayStation updates won't download properly (get 175% download messages before throwing an error).  Lastly, I cannot login to some banking websites and have difficulties with content downloading on other reputable sites.

So, as others have, I created a profile which filters based off of MAC address and has malware scanning and web scanning is turned off - so essentially everything that you want in a modern security appliance turned off. Most of the systems began to work, but Netflix on the Wii still does not work (streams get to 100% but never start. I also tried the Netflix filters used on the UTM but as other have experience this does not work on the XG).

Also as others have experienced, no useful log files are created as to what it getting blocked, either Malware or web filtering of any type kills any stream (even simple filters such as blocking webmail will kill a stream - seems to be a issue with the scan engine itself and nothing to do with the content.) 

Obviously this is a serious issue that needs to be addressed as I can purchase a $50 firewall from Walmart that will work better than the XG currently is. Don't get me wrong, I'm a Sophos fan, but this has been an ongoing problem for way too long. What's the plan for this to be fixed? My definition of "fixed" is the ability to have malware scanning and web filtering enabled on devices that stream content. It needs to work this way because a large number of devices stream content and disabling malware scanning and/or web filtering is not on option. 

Has anyone else had better luck with streaming content on the XG with security enabled? I'd like to move back to the UTM firewall, however streaming doesn't work that well on that platform either. 



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to QuentinJackson

    Thanks Quentin for sharing the service release! This is good news - definitely something I'll try out tonight. Also, I'm totally aware of the business roots of Sophos and our company makes good use of their technology - it's great stuff. However, I did want to re-emphasize that the issue is not isolated to Netflix only but all streaming content including sites such as Pluralsight and YouTube which are used in corporate settings. Also, there is a known issue with the web filtering engine which causes issues with streaming content, including services that provide patch update content. It's a real problem for businesses as well not just for home users.

  • 0 in reply to QuentinJackson

    Good news - I updated my Sophos firewall with the Maintenance Release MR-1.1 (https://community.sophos.com/products/xg-firewall/f/46/t/75072) and it seems to have resolved the issue. I can now stream media with both web filtering and IPS turned on. I did have to turn off stream filtering in order for it to work. Overall, it appears that this has finally been resolved.

  • 0 in reply to StephenBurton

    Funny, as soon as I updated my firmware to MR-1.1 streaming services stopped working. Could you provide a little more detail about where you turned off 'stream filtering'? I searched through the settings but didn't find it. I still have to have HTTP scanning turned off for streaming to work.  

  • 0 in reply to MattWhite

    I to would like to know where he turned off 'stream filtering' I can't find that either.

  • 0 in reply to Big Ray

    This is what I did:

    1. Applied firmware MR-1.1
    2. Selected Protection : Web Protection : Web Content Filter from the left menu
    3. Under this page, scrolled down to the HTTP/HTTPS Configurations section
    4. Set Audio & Video File Scanning to Disable
    5. Set Scan Mode to Real-time

    I also set Scanning under the General Configuration to Single Anti-Virus

    Hope this helps. 

  • 0 in reply to StephenBurton

    This doesn't appear to work for me on an iPad or iPhone.  It only works if I don't have HTTP or HTTPS Decrypt and Scan enabled in my LAN to WAN policy.  When either of those are enabled, it won't stream, if I turn them off, it actually works great.  I even tried to add a regex for netflix and the exact URLs with no luck (Screenshot).

  • 0 in reply to DMR188

    I don't have https decode and scan enabled. HTTPS breaks all my connection, mail, web surfing the lot. Probably means I need to get my own certificate installed.

  • 0 in reply to StephenBurton

    Thanks for the info. I just checked and turns out I already had the settings the way you suggested, I even changed them to something else and hit apply then changed them back to match your setting hit apply and still can't stream Netflix on Android devices unless I disable HTTP/HTTPS scanning for the device in Policy, Very very frustrating for sure. What do you have your 'File Size Threshold' set to under HTTP/HTTPS Configuration?