Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Replies 23 replies
  • Subscribers 0 subscribers
  • Views 15125 views
  • Users 0 members are here
Options
Suggested

[9.195][BUG] 2 websites does not open via transparent web proxy

Sascha Paris
The two websites Migros - Ein M besser and LeShop.ch, the leading Swiss online supermarket can not be opened via web proxy...will give a "Connection to server timed out". Bypassing the proxy opens the website without issues. 


2014:02:19-19:43:14 asg01 httpproxy[16705]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="192.168.16.101" dstip="146.67.140.135" user="" statuscode="504" cached="0" profile="REF_HttProContaLanclNetwo7 (SOPHOS)" filteraction="REF_HttCffSophos (Sophos)" size="2548" request="0x1501b320" url="www.migros.ch/.../Merchandising"

2014:02:19-19:43:18 asg01 httpproxy[16705]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="192.168.16.101" dstip="146.67.253.12" user="" statuscode="504" cached="0" profile="REF_HttProContaLanclNetwo7 (SOPHOS)" filteraction="REF_HttCffSophos (Sophos)" size="2559" request="0x1511c220" url="www.leshop.ch/favicon.ico" exceptions="" error="Connection to server timed out" authtime="0" dnstime="393" cattime="45211" avscantime="0" fullreqtime="60824028" device="0" auth="0" country="Switzerland" application="http" category="136" reputation="neutral" categoryname="Online Shopping"


[H]
Parents
  • 0
    Azron... check for ethernet speed and duplex mismatch between your customers external internet interface and the isp's equipment interface, have had that cause some wierdness before, just as you describe.  If possible set thwm both to a matching speed and duplex.

    Just something I always check (typically by logging into the shell and running ifconfig on the interface in question, looking for errors) ... I had a case where a customer had similar issues, a handful of sites would not load, and it was a weird combination of packet sizes, etc. from the server and the interface erroring due to speed and duplex mismatch.  Sounds like in this case ECN is the culprit, but it's always worth checking.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0
    Azron... check for ethernet speed and duplex mismatch between your customers external internet interface and the isp's equipment interface, have had that cause some wierdness before, just as you describe.  If possible set thwm both to a matching speed and duplex.

    Just something I always check (typically by logging into the shell and running ifconfig on the interface in question, looking for errors) ... I had a case where a customer had similar issues, a handful of sites would not load, and it was a weird combination of packet sizes, etc. from the server and the interface erroring due to speed and duplex mismatch.  Sounds like in this case ECN is the culprit, but it's always worth checking.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data
Unfiltered HTML