Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 4 subscribers
  • Views 1715 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Traffic allowed although policy test says 'blocked'

JoergH

Hello All,

I'm having a weird problem here. I want to block a server completely from accessing the internet. What I've done:

- Created a firewall rule that blocks all traffic. Checked it, works for any port except FTP/HTTP/HTTPS (as expected, as I do have web filtering enabled)

- Added a 'block all' web filtering policy for this host

- Did a policy check for this hosts' IP to, say, www.dlr.de -> Result blocked, so OK!

- Did a 'wget www.dlr.de' from the host itself - works, so NOT OK?!?

- Turn off web filtering

- Did a 'wget www.dlr.de' from the host itself - doesn't work any more

So it's definitely web filtering, but policy check everything is fine. Can anybody sched some light on what might be going wrong here?

Thank you,

   Jörg



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to dirkkotte

    Thank you for your suggestion. Now that is super weird! I just did that and noticed that since 08/20 no more accesses have been logged.

    I'll restart the UTM as soon as possible, but this definitely looks like a UTM problem to me, no?

    Version is 9.701-6, I need to update anyways, but it's always scary from the home office.

    Thank you and best regards,

        Jörg

Children