This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTP Proxy restart drops all https connections.

We have remote terminal server sessions with a Java client via https.
Every time the virus pattern is updated the HTTP proxy is restarted.
All packets which are to be transmitted during that time are answered with the RST flag set. This drops the terminal server connections and the software assumes a "man in the middle" attack.
Is there a way to avoid dropped https connections during proxy restart?

Andreas.

This thread was automatically locked due to age.

Parents

0 BAlfson over 16 years ago

If you are running in a transparent mode, try putting the remote servers into the 'Transparent mode skiplist'.

If you are in a non-transparent mode where the users' browsers are configured to point at the Astaro Proxy, then create a packet filter rule 'Internal (Network) -> HTTPS -> {Terminal Servers} : Allow' and configure the users' browsers with Proxy Exceptions for the servers.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 16 years ago

If you are running in a transparent mode, try putting the remote servers into the 'Transparent mode skiplist'.

If you are in a non-transparent mode where the users' browsers are configured to point at the Astaro Proxy, then create a packet filter rule 'Internal (Network) -> HTTPS -> {Terminal Servers} : Allow' and configure the users' browsers with Proxy Exceptions for the servers.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data