Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 28 replies
  • Subscribers 1 subscriber
  • Views 26107 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

https - some online banking does not work

profesor
Hi!
setup ASG 7.503 UP to date
transparent mode enabled
from  https://passthrough.fw-notify.net/cacert.pem sucesfully imported cert 
but I have problem:
some https links (on -line BANKING) work and some DO NOT
error client ssl certificate mot imported ( BUT IMPORTED)
any advice??


This thread was automatically locked due to age.
Parents
  • 0
    Until you get more familiar with the Astaro, I recommend that you NOT run HTTPS traffic through the Astaro:

    Create a packet filter rule 'Internal (Network) -> HTTPS -> Internet : Allow', and then go to the 'Global' tab for Web Security >> HTTP/S' and uncheck the 'Scan HTTPS (SSL) Traffic' box.

    CHeers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    On all ather https work perfect for me (included bank)
    only hypo, fina, zaba and Microsoft have a problem.

    problem not resolved because http/s must be scaned
  • 0 in reply to profesor
    Check out the soft-release of 7.504 (now at ftp.astaro.de) ... it adds the ability to bypass HTTPS scanning for individual URLs now, whilst scanning everything else.  Note that the soft-release is something I would only use for testing or for cases when I really needed something fixed; sometimes bugs are discovered during the soft-release phase that are patched before the final "push" release.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0 in reply to profesor
    Check out the soft-release of 7.504 (now at ftp.astaro.de) ... it adds the ability to bypass HTTPS scanning for individual URLs now, whilst scanning everything else.  Note that the soft-release is something I would only use for testing or for cases when I really needed something fixed; sometimes bugs are discovered during the soft-release phase that are patched before the final "push" release.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data