Hello,
I noticied a strange issue crop up in the last day with UTM 9.209 and the latest beta 9.280.
When transparent proxy mode is enabled with HTTPS (regardless of the setting), going to websites *.google.com, *.gstatic.com hang. Webpages that have this secure content in them, also hang. I have tried this with several clients, including IE11, Firefox 33, Chrome 38.
When I go into UTM and select "Do not proxy HTTPS traffic in Transparent Mode" the issue goes away.
The issue happens with any option selected.
However, if I browse to Facebook or LinkedIn, these sites do not have an issue. Checking the certificates, the ones for Facebook and LinkedIn, are issued by Digicert, and the ones for Google, by their own authority.
I have tried the SSL selector released by Firefox to set your SSL version. I have tried from SSLv3 to TLS 1.2, and the issue still remains.
I have both IPv4 and IPv6, and the issue happens with both of those.
Here is a snippet of the log when it fails,
2014:11:08-10:52:01 Sophos-A httpproxy[5879]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="2001:123:123:123:123:123:123:123" dstip="2607:f8b0:4009:807::1018" user="" ad_domain="" statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="230" request="0xa6fa800" url="www.google.ca/.../html"
2014:11:08-10:52:39 Sophos-A httpproxy[5879]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="2001:123:123:123:123:123:123:123" dstip="2607:f8b0:4009:807::1018" user="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="166" request="0x12c61800" url="www.google.ca/" referer="" error="" authtime="0" dnstime="2" cattime="147" avscantime="0" fullreqtime="37946613" device="0" auth="0" ua="" exceptions="" country="United States" category="145" reputation="trusted" categoryname="Search Engines" application="google" app-id="182"
And here is the snippet when it works,
2014:11:08-11:01:59 Sophos-A httpproxy[5879]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="2001:123:123:123:123:123:123:123" dstip="2607:f8b0:4009:807::1017" user="" ad_domain="" statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="230" request="0x12928000" url="www.google.ca/.../html"
I have also tried this with Application Control enabled and disabled, and the effect is the same.
Any help in determining why this would not be working would be great. This issue happens on the Beta, and on the latest released version. It only started happening in the last few days.
Thank you,
--Thomas
Guest User!
You are not Sophos Staff.
