Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 5 subscribers
  • Views 4806 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[Not work] UTM 9.355-1 WebProxy (Transparent) + Sophos Cloud Endpoint + Windows 10

NewImage

Hi

I have been trying to install Sophos cloud Anti-Virus on systems in my environment.

I have not been able to get it working on any Windows 10 box, but it installs OK on windows 7. I looked at the installation logs on my 10 box (SophosUpdate)

2016-04-12T15:48:05.477Z [ 1280] WARN WindowsProxyDiscoveryWrapper::GetProxyForUrl Failed to get the automatic proxy configuration. The error code was 12180.

2016-04-12T15:48:06.587Z [ 1280] ERROR SUL-Log [E43425] Failed to find package HIPS
2016-04-12T15:48:06.587Z [ 1280] ERROR SUL-Log [E96874] HIPS
2016-04-12T15:48:06.602Z [ 1280] ERROR SDDSDownloader::ReportSyncFailure Failed to synchronise

I have all my LAN traffic using UTMs WebProxy using transparent mode. When I disabled Transparent mode and just used a NAT for http and https traffic, the Endpoint protection was able to connect. The Web Proxy does not show any errors, or blocks

------------------------------

I checked my windows 7 box, and I get the same error, but it was able to proceed anyway

2016-04-14T16:37:42.804Z [ 8040] WARN WindowsProxyDiscoveryWrapper::GetProxyForUrl Failed to get the automatic proxy configuration. The error code was 12180

Is there a way to run Sophos cloud and Sophos UTM on the same network?



This thread was automatically locked due to age.
  • 0

    I swear I remember reading about this issue in a Sophos knowledgebase item... If I can find the article I will post it for you.

  • 0

    So there are 2 possible ways for this to work, I'm Testing both.

    1) The way I did it was to add DNS hosts listed here https://www.sophos.com/support/knowledgebase/121936.aspx to 

    Web Protection > Filtering Options > Misc > Skip Transparent Mode Destination Hosts.

    And set up  Firewall rule/NAT for any 80 or 443 going to any of those domains.

    2) The second way, The helpdesk at Sophos said they should be added to the To Web Protection > Filtering Options > Exceptions > Sophos Services.

    I would like to go with option number 2, so I would need no NAT, but the DNS I added to the skip list that got it working, was already in this group, so I don't know if it will work.

    -----------------------------------------------

    Edit:
    I tried removing the Skip transparent mode, and it still did not work, it looks like 1 is the way to do it.