Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 12 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 25936 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTP-Proxy not working (Windows)

oldgoodname

Hi Guys,

 

I'm new to the Sophos Firewall, but I have some experiance with other Firewalls. I set up a new Sophos XG Home Edition and it's doing the job very well.

 

I just have a problem and hope you can help me to solve it. I'm using a HTTP-Proxy which is, for example, configured in Internet Explorer. It's working as it should, but since I installed the XG Firewall, the HTTP Proxy is not able to connect (get no dialogue to type in the credentials + no website can be opened) and so it's not working.

 

The only thing I have configured is a Firewall rule source/destination/service set to any, to have no restrictions. This rule doesn't use and application or web filtering. The Sophos log shows an entry form my pc to the http-proxy-IP with the port 443 and it's accepted due to the firewall rule.

 

So I have no reference point what could be the problem. A friend also have a http proxy and there it's working, but he uses UTM Firewall. Any suggestions would be appriciated.

 

best regards



This thread was automatically locked due to age.
  • 0

    Benjamin,

    can you share the firewall rule you created?

    Are you using XG as proxy or another one?

    Thanks

  • 0 in reply to lferrara

    Hi,

    yes of course. This is my Firewall rule:

     

     

    Is this enough, or should I post the detailed configuration?

    I'm using a different one, not the XG.

    Thanks for your help.

    best regards

  • 0 in reply to lferrara

    Hi lferrara,

     

    did you find out something new?

    I have connected my notebook direktly to the LAN port of the Firewall, so it is impossible that another device influence the traffic. But it is still not working.

    I'm able to open websites with Firefox, but not able to open websites in Internet Explorer (http proxy configured).

     

    Anyone else have a 3rd party http proxy configured and it's working?

     

    best regards

  • 0 in reply to oldgoodname

    Benjamin,

    from the console use the command:

    drop-packet-capture "host x.x.x.x" where x.x.x.x is the IP address of your Computer and check if something is dropped.

    Aldo try with the proxy ip too.

    Let us know

  • 0 in reply to lferrara

    Hi lferrara,

    Thanks for your answer. I tried to capture the dropped packages and got some results. But it didn't get it, when I opened a website, I got it about 30 seconds later, but maybe triggered by another application, because when I configure it in Internet Explorer, it is a system standard an maybe used by other applications.

    Here are the results:

    8130.Log_Notebook.txt

     

    Seems to be a lot of Invalid Traffic, but I don't know what the problem could be. Do you have andy ideas?

    best regards

  • 0 in reply to oldgoodname

    Hi Benjamin, 

    When the website has terminated the connection, the XG would remove the state-full connection with the remote web server.  If the packets are received after the connection was terminated then the packets are invalid packets. As per the packets captured the connection is already terminated and the finished packet is an invalid packet afterward. 

  • 0 in reply to Aditya Patel

    Hi Aditya,

    thanks for your reply. I understad the problem and why it occurs. But how to solve it? Do you think it is a problem of the HTTP proxy? Without the XG it works without a problem.

     

    best regards

  • 0 in reply to oldgoodname

    Hi Benjamin, 

    Could you check any irregular logs in XG under awarrenhttp .

    The command in shell

    #service awarrenhttp:debug -ds nosync   {this command will enable debug mode for service enable/disable to disable execute the command again}

    # tail -f /log/awarrenhttp.log  

    Post your output and then disable the debugging mode.

  • 0 in reply to Aditya Patel

    Hi Aditya,

    I did it. Here is the log file:

    7585.Awarrenhttp.log

    If it helps, I opened www.google.com and www.msn.com.

     

    PS: I executed "service awarrenhttp:debug -ds nosync" again to disable debug mode, but I got the same result (200 OK) every time. Is there another command to check if it is disabled?

    thanks for your answer and best regards

  • 0 in reply to Aditya Patel

    Hi Aditya,

    were you able to analyse the log, or just have a look at it?

    Do you think it could be a problem in the release I have installes?

    I have to solve it the next days, or i have to switch to UTM or another XG release.

    Hope you have time to help me soon.

     

    Thanks and best regards