Error code 502 quand le "web filtering" est actif

Question

(Google translation to English below.) 
 Bonjour, 
 Lorsque j'active le "web filtering" dans l'UTM 9, quel que soit la policies associ&eacute; (m&ecirc;me no filtering) il y a certains sites qui ne se chargent plus avec Chrome, mais qui fonctionnent avec Internet Explorer. Sous chrome cela se fini avec un "connexion reset by peer" apr&egrave;s 20 sec, alors que sans le web filtering cela fonctionne bien avec tous les navigateurs. (c'est r&eacute;p&eacute;table sur d'autres ordinateurs du domaine) 
 Dans le live log j'ai par exemple pour le site http://www.20min.ch/ro/ : 
 2017:06:25-22:42:23 sophaigle httpproxy[8241]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="192.168.1.31" dstip="107.154.117.172" user="" group="" ad_domain="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x1654a400" url=" http://www.20min.ch/ro/" referer="" error="Connection reset by peer" authtime="0" dnstime="14549" cattime="105" avscantime="0" fullreqtime="120066833" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36" exceptions="" 
 J'ai tent&eacute; plusieurs solutions trouv&eacute;es sur le forum comme augment&eacute; le d&eacute;lai "autentification timeout" ou de taper dans la console la commande pour activer le param&egrave;tre relay_invalid_traffic afin de laisser passer le trafic invalide.... comme propos&eacute; dans l'article : https://community.sophos.com/kb/en-us/123730 
 Ce Web filtering n'a jamais pu &ecirc;tre activ&eacute; par l'installateur de l'UTM qui na rien trouv&eacute; et a laiss&eacute; &ccedil;a en l'&eacute;tat.... 
 Pour les param&egrave;tres, je suis en mode transparent, pas de param&egrave;tres particuliers. 
 Le r&eacute;seau autoris&eacute; est le r&eacute;seau interne. 
 Avez-vous d&eacute;j&agrave; eu la cas ou est-ce que quelqu'un connait la commande relay_invalid_traffic pour l'UTM 9? 
 Mille mercis! 
 When I activate the "web filtering" in the UTM 9, whatever the associated policies (even no filtering) there are certain sites that no longer load with Chrome but that work with Internet Explorer. Under chrome this ends with a "connection reset by peer" after 20 sec, while without the web filtering it works well with all browsers. (This is repeatable on other computers in the domain) In the live log I for example for the site : http://www.20min.ch/ro/ : 
 2017:06:25-22:42:23 sophaigle httpproxy[8241]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="192.168.1.31" dstip="107.154.117.172" user="" group="" ad_domain="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x1654a400" url=" http://www.20min.ch/ro/" referer="" error="Connection reset by peer" authtime="0" dnstime="14549" cattime="105" avscantime="0" fullreqtime="120066833" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36" exceptions="" 
 I tried several solutions found on the forum as increased the timeout "authentication timeout" or typing in the console command to activate the relay_invalid_traffic parameter in order to pass invalid traffic .... as proposed in the article: https://community.sophos.com/kb/en-us/123730 This Web filtering could never be activated by the installer of the UTM who found nothing and left it as is. For settings, I'm in transparent mode, no special settings. The authorized network is the internal network. Have you ever had the case or does anyone know the relay_invalid_traffic command for UTM 9? Many thanks!

BAlfson · Answer

Salut Nicolas et bienvenue dans la communaut&eacute; de l'UTM ! 
 Dans la communaut&eacute;, il me plait beaucoup de voir les gens poster dans leur langue natale au lieu d&rsquo;utiliser Google Traduction pour poster en anglais. N&eacute;anmoins, l&rsquo;anglais est la lingua franca de nos jours et c&rsquo;est pour &ccedil;a que j&rsquo;ai rajout&eacute; le r&eacute;sultat de Google Traduction &agrave; ton post. Je ferai pareil pour la partie de mon r&eacute;ponse en fran&ccedil;ais. 
 Hi Nicolas and welcome to the UTM community! 
 In the community, I like to see people post in their native language instead of using Google Translate to post in English. Nevertheless, English is the lingua franca of today and that's why I added Google Translate to your post. I will do the same for the part of my answer in French. (Wow! I did not touch a thing and Google made a perfect translation!) 
 That KnowledgeBase article applies to the XG, not the UTM - did you mean to join and post in the XG forum? If so, we'll need to signal an administrator to move your question to that part of the Community. 
 To solve the 502 error problem in the UTM, the first thing to try is an Exception for anti-virus scanning for the site. If that doesn't work, the only thing one can do in Transparent mode is to add a DNS Host definition for www.20min.ch to the Destination Skiplist on the 'Advanced' tab in 'Filtering Options". 
 Cheers - Bob