Hi, i am new to Sophos UTM 9 and playing with this firewall from a week or so. i just want to configure some basic rules which i am unable to do so. i have experience with pfsense and untangle but this one is different. what i am trying to achieve is that: allow all traffic to network block some websites which includes (facebook, linkedin, twitter etc) both http & https. block p2p softwares i have figured out how to allow a single host or a network. when i am using this with Transparent Mode it does not allow https request and returns the certificate is not trusted error(cannot even open gmail.com). when i try this with standard mode it does nothing(google is not even accessible). tried both with "none" authentication mode. Thanks in advance.

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New to Sophos UTM9,

Hi,
i am new to Sophos UTM 9 and playing with this firewall from a week or so. i just want to configure some basic rules which i am unable to do so. i have experience with pfsense and untangle but this one is different.
what i am trying to achieve is that:

allow all traffic to network
block some websites which includes (facebook, linkedin, twitter etc) both http & https.
block p2p softwares

i have figured out how to allow a single host or a network.
when i am using this with Transparent Mode it does not allow https request and returns the certificate is not trusted error(cannot even open gmail.com).
when i try this with standard mode it does nothing(google is not even accessible).
tried both with "none" authentication mode.

Thanks in advance.

This thread was automatically locked due to age.

Parents

0 saqib over 12 years ago

Thanks for the reply...but i am not getting my desired result i am still at point zero. i downloaded Astaro security gateway V8 but got the same results on that as well when i enable "scan https traffic" it started giving me certificate errors with transparent mode, now i again install UTM9 to try things again.
do i have to download and then upload the same certificate again on Https's CA.
so that it can recognize the requests.
or is there any other way to block specific https site i have tried using this
^https?://[A-Za-z0-9.-]+\.facebook\.com/
^https?://[A-Za-z0-9.-]+\.fbcdn\.net/
^https?://facebook\.com/
but no change https is still accessible if "scan https traffic is disabled" .

please explain in detail, if possible.

thanks.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 saqib over 12 years ago

Thanks for the reply...but i am not getting my desired result i am still at point zero. i downloaded Astaro security gateway V8 but got the same results on that as well when i enable "scan https traffic" it started giving me certificate errors with transparent mode, now i again install UTM9 to try things again.
do i have to download and then upload the same certificate again on Https's CA.
so that it can recognize the requests.
or is there any other way to block specific https site i have tried using this
^https?://[A-Za-z0-9.-]+\.facebook\.com/
^https?://[A-Za-z0-9.-]+\.fbcdn\.net/
^https?://facebook\.com/
but no change https is still accessible if "scan https traffic is disabled" .

please explain in detail, if possible.

thanks.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data