Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 5 subscribers
  • Views 2173 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to search for facebook solutions?

rfcat_vk

Hi folks,

I am trying to fix my access to facebook. If I disable the webproxy, facebook works.

With the webproxy enabled and https scanning disabled facebook doesn't work. I have re-enabled the https proxy scanning and set a bypass in the profile. Sometimes the FF throws up an insecurity error and will not let facebook through. I look at the logs and see the facebook is blocked because the connection timed out.

I don't have a PC to try this out on, all being done on Mac books or ipads.

This is getting very frustrating.

Currently running UTM 9.5b, but this problem started before I loaded 9.5b onto the UTM.



This thread was automatically locked due to age.
Parents
  • 0

    Hey there.

    We need some logs and screenshots of your Web Protection configuration and exceptions to help you. I'm assuming you are setting Web Protection in Transparent Mode with no authentication. For HTTPS you have the option of URL filtering only, Decrypt and Scan or to not proxy HTTPS traffic at all. Which one are you using?

    Regards - Giovani

Reply
  • 0

    Hey there.

    We need some logs and screenshots of your Web Protection configuration and exceptions to help you. I'm assuming you are setting Web Protection in Transparent Mode with no authentication. For HTTPS you have the option of URL filtering only, Decrypt and Scan or to not proxy HTTPS traffic at all. Which one are you using?

    Regards - Giovani

Children
  • 0 in reply to giomoda

    Hi,

    I am using web protection in transparent mode - no authentication. I have tried the URL only and the decrypt and scan and just tried do not proxy https all fail to pass facebook. All other applications work.

    Yes, there is a firewall rule to all internal -> any -> all -> allow.

    I will send you the webfilter log in a PM.

  • 0 in reply to giomoda

    Found the cause. A month or so ago I tightened the surfing rules by applying https scanning in two places. I found the seond place this morning and removed it. Mind you FF still doesn't connect with https scanning disabled, while Safari does.

    Still experimenting on how to tighten scanning while allowing facebook.

  • 0 in reply to rfcat_vk

    Removing HTTPS scanning was the easy and wrong answer.

    I reviewed the daily reports and found very little facebook activity and lots of fbcdn.net.

    So I changed all the htpps bypass back to active and setup a new set of exceptions which work except for facebook messenger, something else to investigate.

    The exceptions I added are

    ^https?://[A-Za-z0-9.-]*\.facebook\.net

    ^https?://[A-Za-z0-9.-]*\.facebook\.com

    ^https?://[A-Za-z0-9.-]*\.fbcdn\.net

    This works and has increased my security on websurfing. Google on FF on mac book pro is slower to respond and google on android is broken. Needs new certificate installed.

    Now waiting for the wife to use her internet access and tell .......