Slack & SSL Decrypt

man that was flipping annoying. I knew that some computers were blocking slack. I could connect to COMPANY.slack.com and it just wouldnt load the side bar and said it was constantly reconnecting. However i used the log viewer on the ip in question, the user in question, etc, nothing was denied in any category. I used the policy  test to slack.com, etc, etc and all passed fine.. grrr i said...

i opened developer console on chrome, i see it cant complete requests to a.slack-edge.com. I look for that URL being blocked in the firewall, in the web applications in EVERYTHING. NOTHING TELLS ME ITS BLOCKED ANYWHERE PERIOD.

I then decide to search "sophos block slack-msgs.com" and looky looky, here is the fucking solution. Sophos you really REALLY need to get better at letting me know when something is being blocked. I mean if its not in the logs (searching anything but allowed for an IP), and its not in the policy test, then how the hell am i supposed to know WTF is going on??? tell me. Maybe im holding it wrong. I really would like that to be the case, because this just keeps coming up for us. Things are blocked and its near impossible to ever extract any information from the damn XG firewall.

So now, i just default blame the firewall. And I am often right.

Its like where are these SSL decrypt logs? where do i see that it is blocked by this "feature"? tell me and i will go look and document it. this was the exact same problem we had with skype, windows update, microsoft CDN and apple update. Like how can you get it wrong so many fricking times for so many mission critical business applications THAT EVERYONE USES... CHRIST

man that was flipping annoying. I knew that some computers were blocking slack. I could connect to COMPANY.slack.com and it just wouldnt load the side bar and said it was constantly reconnecting. However i used the log viewer on the ip in question, the user in question, etc, nothing was denied in any category. I used the policy  test to slack.com, etc, etc and all passed fine.. grrr i said...

i opened developer console on chrome, i see it cant complete requests to a.slack-edge.com. I look for that URL being blocked in the firewall, in the web applications in EVERYTHING. NOTHING TELLS ME ITS BLOCKED ANYWHERE PERIOD.

I then decide to search "sophos block slack-msgs.com" and looky looky, here is the fucking solution. Sophos you really REALLY need to get better at letting me know when something is being blocked. I mean if its not in the logs (searching anything but allowed for an IP), and its not in the policy test, then how the hell am i supposed to know WTF is going on??? tell me. Maybe im holding it wrong. I really would like that to be the case, because this just keeps coming up for us. Things are blocked and its near impossible to ever extract any information from the damn XG firewall.

So now, i just default blame the firewall. And I am often right.

Its like where are these SSL decrypt logs? where do i see that it is blocked by this "feature"? tell me and i will go look and document it. this was the exact same problem we had with skype, windows update, microsoft CDN and apple update. Like how can you get it wrong so many fricking times for so many mission critical business applications THAT EVERYONE USES... CHRIST