Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 5859 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problems with sophos utm 9.4 web filtering option -Transparent Mode

DavidBowman

A very good day to you Sir !

I hope you are doing Great Sir !

I have a question regarding Sophos UTM 9.4 Home Edition of the Firewall

And it regards the -> Web Protection -> Web Filtering option

If I set the Web Default Download Filter to Block all downloads of the extension EXE as well as set to do an Antivirus Scan on all Traffic,

I can only get the Web Filter to work in Transparent Mode

The Transparent Mode Option can be found under -> Web Protection -> Web Filtering -> Transparent Mode

If I set the Option to Standard Mode, I "will be able" to download any and all exe files

If I set the Option to Transparent Mode, I "Will Not be able" to download any and all exe files

And this goes for any Virus files that I download as well.

In Standard Mode there is "no" Anti Virus Scanning and Blocking of files that I download

In Transparent Mode there "is" Anti Virus Scanning and Blocking of files that I download

Now the Problem is this

Every Time I set the option to Transparent Mode - My Kaspersky Antivirus will give out a warning message of  

"Cannot guarantee authenticity of the domain to which encrypted connection is established"

This is a Certificate Error and if I view the Certificate Error Message, it says 

"Windows does not have enough information to verify this Certificate"

And this will occur for every url and web site that I go to

This means that If I turn on Transparent Mode, I get FULL Protection for Antivirus Scanning and EXE Blocking

If I turn on Standard Mode, I do NOT get FULL Protection for Antivirus Scanning and EXE Blocking

And If I turn on Transparent Mode - I get the Certificate Error on every page I go to

Does anyone know how I can turn on FULL Antivirus Scanning and EXE Blocking but DO NOT GET the Certificate Errors ?

Hope to hear from you soon Sir !

Thank you very much for your time and kind help Sir !

Warm Regards as Always Sir !

Dr. David Bowman



This thread was automatically locked due to age.
  • 0

    Hi David,

    When you are using Transparent mode on UTM, that means you don't want to configure proxy settings on the browser. Alongside, when you swap to Standard mode, you have to explicitly tell the browser to use the proxy. I think you might have confused it here. Please refer: https://www.sophos.com/en-us/support/knowledgebase/115865.aspx

    Next, if you get certificate error while using Transparent mode, then most probably you have configured UTM to Decrypt and Scan all the HTTPS requests. To resolve this issue, please refer: https://www.sophos.com/en-us/support/knowledgebase/115315.aspx OR download the Signing CA from "Web Protection>Filtering options>HTTPS CA" and install it into the Trusted Root Certificates directory.

    Hope that helps:)

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0

    If Sachin's prescription doesn't solve your problem (it should), post a line from the Web Filtering log showing a correct block and also a line showing an incorrect allow.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Cookie Information Banner