Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 35 replies
  • Subscribers 30 subscribers
  • Views 66474 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Battle.net Client Can't Download Updates

Timothy Stewart

Hi.  My battle.net client (Blizzard games like WoW, StarCraft, etc...) cannot update if HTTP scanning is turned on.  It works if I disable HTTP scanning in the web filter. I do not have HTTPS scanning turned on.  I have tried bypassing these sites from  getting scanned and it still does not work.  Here's a great list of regex exceptions from UTM 9 that don't seem to work with XG Firewall. 

https://community.sophos.com/products/unified-threat-management/f/55/p/45070/161552



This thread was automatically locked due to age.
Parents
  • 0

    I've been working on a similar situation with Netflix and HTTP scanning on SFOS 15.01.0 MR-3 and the only way I can get the Netflix app on my AppleTV or Roku3 to stream content is to do an HTTP scanning bypass rule in the Web Content Filter with the following:

    Name: Test Bypass
    Source IP Address : IP of my AppleTV or Roku3 (which then means it needs a static address)
    Destination IP Address : *
    URL Regex : * (\w+* or .* also works)
    Action : Bypass

    The only things that work are:

    1. Use a defined source IP with a URL Regex of * or .* with a bypass scan action in the HTTP Scanning of the Policy Filter.

    2. OR set up a specific security filter for the source IP or MACs that has HTTP scanning disabled.

    Neither are a very secure option, but for streaming devices I'm okay with it for now.

    Even if I use a URL Regex of ^http.*, which should match ANY http or https URL, I still get a connection error.

    So based on this analysis, I would have to conclude that URL regex in the Web Filter HTTP Scanning is broken, especially when I just came from UTM 9.4 where these exceptions were working quite well.

Reply
  • 0

    I've been working on a similar situation with Netflix and HTTP scanning on SFOS 15.01.0 MR-3 and the only way I can get the Netflix app on my AppleTV or Roku3 to stream content is to do an HTTP scanning bypass rule in the Web Content Filter with the following:

    Name: Test Bypass
    Source IP Address : IP of my AppleTV or Roku3 (which then means it needs a static address)
    Destination IP Address : *
    URL Regex : * (\w+* or .* also works)
    Action : Bypass

    The only things that work are:

    1. Use a defined source IP with a URL Regex of * or .* with a bypass scan action in the HTTP Scanning of the Policy Filter.

    2. OR set up a specific security filter for the source IP or MACs that has HTTP scanning disabled.

    Neither are a very secure option, but for streaming devices I'm okay with it for now.

    Even if I use a URL Regex of ^http.*, which should match ANY http or https URL, I still get a connection error.

    So based on this analysis, I would have to conclude that URL regex in the Web Filter HTTP Scanning is broken, especially when I just came from UTM 9.4 where these exceptions were working quite well.

Children
No Data