Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 18 replies
  • Answers 3 answers
  • Subscribers 4 subscribers
  • Views 22094 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

bypass webpage blocked not working

Jean-Marc Debono

In our company, we have two Sophos SG210 set up in cluster. In the Sophos, proxy web filtering is activate on the cluster and the ByPass Users tab is enable for all Active Directory Users. However when a user (member of the domain) is connected on a website blocked by the Sophos UTM, the option to unblock webpage is displayed but when he clicks on the button, it leads to a authentication error webpage with no possibility to unblock the webpage. Can you please help me on this topic as it's really annoying for end users.

Thanks



This thread was automatically locked due to age.
Parents
  • 0

    When the Exception link is selected, UTM is expecting an ADMIN login.   If you have an environment that allows admins to see user screens, this link is pretty useful.

    However, if you are going to let any employee to whitelist any webpage, why use UTM at all?    There are serious threats out there, and the only way to protect yourself from them is to analyze the threat before proceeding.

    Some of the things you could/should check:

    • What is blocked, a main page or a component?
    • Why is it blocked:  Category?  Reputation?  Encryption Protocols?  Company Policy?
    • If uncategorized, have you used TrustedSites.org to see whether McAfee agrees that it is uncategorized, and whether McAfee thinks it is safe?   (Until 9.6, UTM has some problems with overlooking some of McAfee's categories.)   If uncategorized, has it been submitted for evaluation?
    • Do a DNS lookup against quad9.org (9.9.9.9) and see if they return a result or not.   If UTM does not block the query and Quad9 returns no result, Quad9 thinks the DNS name is dangerous.

    I guess you could get your desired result by making every employee a member of the UTM admin group.

  • 0 in reply to DouglasFoster

    Thanks for your answer, unfortunately the problem is that when I want to bypass a website instead of having credentials to enter, I have a blank webpage with authentification error written at the top...

  • 0 in reply to Jean-Marc Debono

    1 How the Web Filter authentication is configured? It is in browser mode or Active directory

    2 How the Web Filter port is configured Standart Mode or Transparent mode


    I think you have configured the proxy in standart mode (redirecting browser in port 8080 or 3821)
    This error can be bypassed if the Proxy is in Transparent Mode
    or In the client browser check Bypass proxy server for local addresses

    I will suggest you Importing the UTM certificate as well on the clients. Or you can push it by Active Directory GPO

Reply
  • 0 in reply to Jean-Marc Debono

    1 How the Web Filter authentication is configured? It is in browser mode or Active directory

    2 How the Web Filter port is configured Standart Mode or Transparent mode


    I think you have configured the proxy in standart mode (redirecting browser in port 8080 or 3821)
    This error can be bypassed if the Proxy is in Transparent Mode
    or In the client browser check Bypass proxy server for local addresses

    I will suggest you Importing the UTM certificate as well on the clients. Or you can push it by Active Directory GPO

Children
No Data
Unfiltered HTML