WPAD Configuration - weird behaviour

Hello Community,

We have a Sophos UTM SG330 appliance running version 9.508.

In the section: "Web Protection-> Filtering Options -> Misc" we use the following proxy auto configuration:

=======================================================================

function FindProxyForURL(url, host) {
    var resolved_ip = dnsResolve(host);
    //Don't proxy connections to the UTM web interface
    if (shExpMatch(url, "proxy.xxx.local:4444/*")) return "DIRECT";
    //Exclude non-fqdn hosts from being proxied
    if (isPlainHostName(host)) return "DIRECT";
    //Don't proxy Connections to Legacy NGA Net
    if ((shExpMatch(url, "^http://194.150.1.*")) ||
        (shExpMatch(url, "^https://194.150.1.*"))) return "DIRECT";
    if ((shExpMatch(url, "^http://194.150.0.*")) ||
        (shExpMatch(url, "^https://194.150.0.*"))) return "DIRECT";
    if (shExpMatch(url, "mobile.xxx.net")) return "PROXY 10.46.0.34:8080";

    //Don't proxy connections to the exempted URL matches
    if (shExpMatch(url, "xxx.net")) return "DIRECT";
    if (shExpMatch(host, "citrix.xxx.net")) return "DIRECT";
    if (shExpMatch(host, "owa.xxx.net")) return "DIRECT";
    if (shExpMatch(host, "autodiscover.xxx.net")) return "DIRECT";
    if (shExpMatch(host, "autodiscover.xxx.ch")) return "DIRECT";
    if (shExpMatch(host, "viewer.xxx.net")) return "DIRECT";
    if (shExpMatch(host, "transfer.xxx.net")) return "DIRECT";
    if (shExpMatch(host, "hotspot.xxx.net")) return "DIRECT";
    if (shExpMatch(host, "remote.xxx.net")) return "DIRECT";
    if (shExpMatch(host, "meeting.xxx.net")) return "DIRECT";
    if (shExpMatch(host, "outlook.xxx.local")) return "DIRECT";
    if (shExpMatch(host, "*.xxx.local/*")) return "DIRECT";
    if (shExpMatch(host, "xxx.local")) return "DIRECT";
    //Don't proxy connections to private IP addresses
    if (isPlainHostName(host) ||
        shExpMatch(host, "*.local") ||
        isInNet(resolved_ip, "10.0.0.0", "255.0.0.0") ||
        isInNet(resolved_ip, "172.16.0.0", "255.240.0.0") ||
        isInNet(resolved_ip, "192.168.0.0", "255.255.0.0") ||
        isInNet(resolved_ip, "127.0.0.0", "255.255.255.0") ||
        isInNet(resolved_ip, "xxx.xx.xxx.xxx", "255.255.255.255"))
        return "DIRECT";
    return "PROXY 10.46.0.34:8080";
}

=======================================================================

 

Now we sometimes have weird behaviour on the client PCs while accessing some websites.

For example:

1. Proxy configuration in Internet Explorer: just ticked the checkbox: Automatic detect proxy settings

Then if we navigate to: https://www.icloud.com it isn't possible to access the website. 

That's why we have an exception defined in: "Web Protection -> Filtering Options":

But the access is still not possible.

 

Now if we change the proxy settings in Internet Explorer to this:

Everything works fine.

 

Can anyone explain this?

 

Thanks so far!

  • Perhaps not picking up the WPAD file? We use DHCP option 252 and an A record wpad.ourdomain.local to serve this via one of our webservers and don't have any issue.

    There is no guarantee that your clients will pick the WPAD file up, and since Win2k8, Windows DNS restricts wpad resolution too, so you have to make exceptions if using Windows DNS.

    I think there is a script floating around the net that can show you what your browsers are doing, e.g. if they are picking up the WPAD file for certain URLs etc.
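
A small offline PAC tracer of the kind the reply mentions, as an added example that is not part of the thread and not Sophos code: it stubs the PAC helper functions in Node.js, runs a shortened copy of the posted PAC, and reports which helper call decided each URL. The DNS table, the `traced` and `explain` helpers and the literal-glob `shExpMatch` stub are assumptions of this example; browser implementations can differ in edge cases.

```javascript
// Offline stand-ins for the browser's PAC helpers; every call is recorded in `calls`.
let calls = [];
const traced = (name, fn) => (...args) => {
  const out = fn(...args);
  calls.push({ name, args, out });
  return out;
};
// shExpMatch: shell glob (* and ?) matched against the WHOLE string.
// Assumption of this stub: every other character is literal.
const shExpMatch = traced("shExpMatch", (str, glob) => {
  const re = glob.replace(/[.+^${}()|[\]\\]/g, "\\$&")
    .replace(/\*/g, ".*").replace(/\?/g, ".");
  return new RegExp("^" + re + "$").test(str);
});
const isPlainHostName = traced("isPlainHostName", host => !host.includes("."));
const toInt = ip => ip.split(".").reduce((n, o) => ((n << 8) | Number(o)) >>> 0, 0);
const isInNet = traced("isInNet", (ip, net, mask) =>
  /^\d+(\.\d+){3}$/.test(ip || "") &&
  ((toInt(ip) & toInt(mask)) >>> 0) === ((toInt(net) & toInt(mask)) >>> 0));
// Constructed DNS answers so the example runs offline; unknown names give null.
const DNS = { "www.icloud.com": "203.0.113.10", "srv1.xxx.local": "10.46.0.50" };
const dnsResolve = host => DNS[host] || null;

// Shortened copy of the thread's PAC: same patterns, fewer rules.
function FindProxyForURL(url, host) {
  var resolved_ip = dnsResolve(host);
  if (isPlainHostName(host)) return "DIRECT";
  if (shExpMatch(url, "xxx.net")) return "DIRECT";
  if (shExpMatch(host, "owa.xxx.net")) return "DIRECT";
  if (shExpMatch(host, "*.xxx.local/*")) return "DIRECT";
  if (shExpMatch(host, "*.local") ||
      isInNet(resolved_ip, "10.0.0.0", "255.0.0.0")) return "DIRECT";
  return "PROXY 10.46.0.34:8080";
}

// Evaluate one URL: the PAC's answer plus the last helper call that returned true.
function explain(url) {
  calls = [];
  const result = FindProxyForURL(url, new URL(url).hostname);
  const hit = calls.filter(c => c.out).pop();
  const decidedBy = hit ? `${hit.name}(${hit.args.map(a => JSON.stringify(a)).join(", ")})` : "fall-through";
  return { url, result, decidedBy };
}

for (const u of ["https://www.icloud.com/", "https://www.xxx.net/",
                 "https://owa.xxx.net/owa", "http://srv1.xxx.local/"]) {
  console.log(explain(u));
}
```

In this run `https://www.xxx.net/` falls through to the proxy because the `xxx.net` pattern is compared against the entire URL, and `*.xxx.local/*` never decides anything because `host` contains no slash.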
