Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

web filtering service problem

We have an issue with web filtering service on XG .

All of a sudden , actually most probably starting from January 4th , the web filtering service does not work anymore .

Users can access any site , including the one that should not be allowed to them , and also the last logged entry is 4th January

We tried to restart the web filter service but nothing changed

 

What can be the issue , and how can we solve it ?

Do we have to reboot the firewall itself ?

thanks



This thread was automatically locked due to age.
  • There was a problem with a bad update in IPS definition that caused the categorization to stop working. Please refer to this KB to get it working again https://community.sophos.com/kb/en-us/125754 

  • Unfortunately that's not my problem , the versions mentioned on the article are already installed

    Firmware Version:               SFOS 16.01.2
    Firmware Build:                 222
    Firmware Loader version:        0x00000005
    HW version:                     WP01
    Config DB version:              15.135
    Signature DB version:           15.135
    Report DB version:              15.135
    Webcat Signature version:       0.0.1.67
    Web Proxy version:              HTTP-Proxy.0bdec1804
    SMTP Proxy version:             1.0.6.4
    POP/IMAP Proxy version:         1.0.0.3.4
    Logging Daemon version:         0.0.0.17
    AP Firmware:                    6.0.001
    ATP:                            1.0.0120
    Avira AV:                       1.0.17692
    Authentication Clients:         1.0.0003
    IPS and Application signatures: 3.13.17
    RED Firmware:                   2.0.005
    Sophos AV:                      1.0.10368
    SSLVPN Clients:                 1.0.005
    WAF:                            1.0.0006
    Hot Fix version:                1
     
     
  • Hi Stefano,

    Check #1 in my guide here. Check which FW-rule forwards the traffic and see if the filters are defined correctly.

    If that doesn't resolves the issue then manually update the pattern on XG and restart Web Proxy from administration> Services.

    Hope that helps.

  • What does your webfiltering log show? Is everything categorized as NONE?

    Go to console option 5 > 3 and type

    service WINGC:restart -ds nosync 

    and see if it starts working. You may have to reboot the firewall if this doesn't work. But mainly I am interested in the classification in the webfiltering logs.

     

    P.S. Sorry, I just noticed you said your logging has stopped working. Double check to make sure that the firewall rule has logging enabled and you can try restarting logging by going to console option 5 > 3 and starting logging.

    service garner:restart -ds nosync 

  • as I said the webfiltering log is stopped at January 4th

    no active logging for web filtering

     

    Tried the suggested


    XG330_WP01_SFOS 16.01.2# service WINGC:restart -ds nosync
    200 OK
    XG330_WP01_SFOS 16.01.2#
     
    nothing changed
     
     
  • The problem was much more simple than expected . Another admin or the customer has added a wrong firewall entry that bypassed the policies for web filtering

    thanks