Web Filtering: Standard mode

Hi,

Identified some strange behavior today, where Apple devices refuse to browse secure websites when the proxy settings are manually set or set by a PAC file on the device. If I try to visit a secure website, I will receive a huge explanation that the website I'm trying to access uses HSTS and that the website sent back unusual and incorrect credentials. If I change the UTM from "Standard mode" to "Transparent mode", I can once again access secure websites on Apple devices. If I change it back to "Standard mode", then the annoying errors return.

Has anybody else experienced this? It was working perfectly fine yesterday and nothing has changed?

Any help would be greatly appreciated... I'd much prefer not to enable Transparent mode...

Cheers,
Richard



  • This now appears to be affecting Windows clients, mostly when in use with the Chrome web browser. If I change to Transparent mode, then the problem disappears.

  • Okay, a couple of things to look at

    1. Chrome and FF both implemented a new CA checking process to meet the new RFC.

    2. In transparent mode you don't set up any ports and you probably do not have scan https enabled, whereas in Standard mode you have to set up the ports and add certificates.

    XG115W - v19.5.1 mr-1 - Home


  • Hi rfcat_vk,

    Thanks for your response and for your advice on this issue. I'm stumped as to what is going on, this is a home install and nothing was changed at my end... it just randomly took a fit. That is interesting, the new CA checking process, if this is the issue, is there a workaround? Would purchasing a certificate from a verified publisher help?

    I've done some work on the UTM today, but I just can't work out what is wrong. HTTPS scanning (Decrypt and scan) is set for both Standard / Transparent. I've had Standard set for years, and it's just worked. When changing to Transparent, it works slightly better but not perfect... As a test, I disabled authentication (AD SSO) and then tried visiting https://www.google.co.uk. The browser threw up the Sophos UTM web protection block page, with the error "Reputation limit". I unblocked the domain, and Google then loaded successfully (instead of the annoying error I've been getting with authentication enabled).

    I'm thinking something is going a little crazy in regards to authentication, what do you think? I've rebooted both AD servers, but the problem is still ongoing. I also noticed that "Standard" mode is no longer throwing up the prompt to authenticate when using a non-domain device, the webpage just keeps trying to load but doesn't get anywhere.

    Thanks again for your help.

    Regards,
    Richard

  • Richard, the problem is the new policy in Chrome, just as rfcat_vk said.  The easiest solution is to apply the 9.413 Up2Date.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Apologies for the delayed response. The 9.413 Up2Date did the trick, although this update didn't appear to be available to me prior to my last post. Thanks to you and rfcat_vk for your help with this matter, the headache is finally gone! :)

    Cheers,
    Richard