Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 35 replies
  • Subscribers 30 subscribers
  • Views 66502 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Battle.net Client Can't Download Updates

Timothy Stewart

Hi.  My battle.net client (Blizzard games like WoW, StarCraft, etc...) cannot update if HTTP scanning is turned on.  It works if I disable HTTP scanning in the web filter. I do not have HTTPS scanning turned on.  I have tried bypassing these sites from  getting scanned and it still does not work.  Here's a great list of regex exceptions from UTM 9 that don't seem to work with XG Firewall. 

https://community.sophos.com/products/unified-threat-management/f/55/p/45070/161552



This thread was automatically locked due to age.
  • 0 in reply to Timothy Stewart

    in my case battle.net client does http downlaods and those regex expressions solved the issue..:)

  • 0

    the blizard.com edgesuite.net regex won't work.  I would redo

    Hi.  My battle.net client (Blizzard games like WoW, StarCraft, etc...) cannot update if HTTP scanning is turned on.  It works if I disable HTTP scanning in the web filter. I do not have HTTPS scanning turned on.  I have tried bypassing these sites from  getting scanned and it still does not work.  Here's a great list of regex exceptions from UTM 9 that don't seem to work with XG Firewall. 

    https://community.sophos.com/products/unified-threat-management/f/55/p/45070/161552

    I would redo the regex expressions.  google quick regex for the program i use to generate my expressions.  if that doesn't work then yeppers do what i did and forget SFOS and go back to UTM..:)

  • 0 in reply to William Warren

    Good eye.  This was a typo and I do have separate rules for these.  If you look at my previous post it pretty much sums up why it won't work.  The direct IP connect to blizzard is getting blocked.  I think Blizzard uses this to get a list of their CDNs before downloading updates.  This is an XG specific issue.  This feature works fine on UTM.

  • 0

    I have the same issue with the battle.net client and the regex which are not working. What I recently found out is that if you add a rule which bypasses everything means using a simple * as regex you will be able to install and update games in the client.

    Of course I can't use this permanently as I would simply render my AV and Webfilter completly useless.

  • 0

    I've been working on a similar situation with Netflix and HTTP scanning on SFOS 15.01.0 MR-3 and the only way I can get the Netflix app on my AppleTV or Roku3 to stream content is to do an HTTP scanning bypass rule in the Web Content Filter with the following:

    Name: Test Bypass
    Source IP Address : IP of my AppleTV or Roku3 (which then means it needs a static address)
    Destination IP Address : *
    URL Regex : * (\w+* or .* also works)
    Action : Bypass

    The only things that work are:

    1. Use a defined source IP with a URL Regex of * or .* with a bypass scan action in the HTTP Scanning of the Policy Filter.

    2. OR set up a specific security filter for the source IP or MACs that has HTTP scanning disabled.

    Neither are a very secure option, but for streaming devices I'm okay with it for now.

    Even if I use a URL Regex of ^http.*, which should match ANY http or https URL, I still get a connection error.

    So based on this analysis, I would have to conclude that URL regex in the Web Filter HTTP Scanning is broken, especially when I just came from UTM 9.4 where these exceptions were working quite well.