Hi, i am new to Sophos UTM 9 and playing with this firewall from a week or so. i just want to configure some basic rules which i am unable to do so. i have experience with pfsense and untangle but this one is different. what i am trying to achieve is that: allow all traffic to network block some websites which includes (facebook, linkedin, twitter etc) both http & https. block p2p softwares i have figured out how to allow a single host or a network. when i am using this with Transparent Mode it does not allow https request and returns the certificate is not trusted error(cannot even open gmail.com). when i try this with standard mode it does nothing(google is not even accessible). tried both with "none" authentication mode. Thanks in advance.

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New to Sophos UTM9,

Hi,
i am new to Sophos UTM 9 and playing with this firewall from a week or so. i just want to configure some basic rules which i am unable to do so. i have experience with pfsense and untangle but this one is different.
what i am trying to achieve is that:

allow all traffic to network
block some websites which includes (facebook, linkedin, twitter etc) both http & https.
block p2p softwares

i have figured out how to allow a single host or a network.
when i am using this with Transparent Mode it does not allow https request and returns the certificate is not trusted error(cannot even open gmail.com).
when i try this with standard mode it does nothing(google is not even accessible).
tried both with "none" authentication mode.

Thanks in advance.

This thread was automatically locked due to age.

Parents

0 gilipeled over 12 years ago

Hi ,

In transparent with https scan you need to install the UTM certificate in each computer using the proxy.
In standard you need to configure manually the proxy in your browser and use port 8080.
And here again you need to install the UTM certificate on all computers for https scan.
Without installing the certificate of the UTM on your computers you will get the certificate error in each site using HTPS.

Ally best
Gilipeled.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 gilipeled over 12 years ago

Hi ,

In transparent with https scan you need to install the UTM certificate in each computer using the proxy.
In standard you need to configure manually the proxy in your browser and use port 8080.
And here again you need to install the UTM certificate on all computers for https scan.
Without installing the certificate of the UTM on your computers you will get the certificate error in each site using HTPS.

Ally best
Gilipeled.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 saqib over 12 years ago in reply to gilipeled

thanks for the quick response, here are my findings:
i configured the "standard mode" and manually set the proxy of the browser to IP:8080 and then i clicked on "https CAs" and download the certificate under "Signing CA" and imported it in the chrome browser. after that
i cannot access the sophos main page
and when i try to access gmail.com i am getting
"The Site's Security certificate is not trusted!
.....................
.............some text
and a button "back to safety"
what am i doing wrong here.
i had to use different browser to access the sophos main page.
same results are with Transparent Mode.
Cancel
Vote Up 0 Vote Down

Cancel