Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 2717 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Astaro blocking DropBox

SalishSwede
I'm seeing the following errors in the Web Filtering logs which appear to be the root cause of Drop Box not working at all on a Mac

ASG 8.301 running on a VMWare ESX Hypervisor

Mac:  OSX Lion

DropBox:  downloaded today


[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0001" severity="info" sys="SecureWeb"  sub="http" name="http access" action="pass" method="CONNECT"  srcip="10.1.2.31" dstip="" user="doug" statuscode="200" cached="0"  profile="REF_HttProAir (Air)" filteraction="REF_xtQVuVVAPc (Doug)"  size="0" request="0xba84038" url="client35.dropbox.com/.../FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacc5478" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3900423024:error:14094418:SSL  routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1087:SSL alert  number 48 [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacc5478" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3900423024:error:140940E5:SSL  routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:838: [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0001" severity="info" sys="SecureWeb"  sub="http" name="http access" action="pass" method="CONNECT"  srcip="10.1.2.31" dstip="" user="doug" statuscode="200" cached="0"  profile="REF_HttProAir (Air)" filteraction="REF_xtQVuVVAPc (Doug)"  size="0" request="0xacc5478" url="client51.dropbox.com/.../FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacc5ce8" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3883637616:error:14094418:SSL  routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1087:SSL alert  number 48 [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacc5ce8" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3883637616:error:140940E5:SSL  routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:838: [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0001" severity="info" sys="SecureWeb"  sub="http" name="http access" action="pass" method="CONNECT"  srcip="10.1.2.31" dstip="" user="doug" statuscode="200" cached="0"  profile="REF_HttProAir (Air)" filteraction="REF_xtQVuVVAPc (Doug)"  size="0" request="0xacc5ce8" url="client85.dropbox.com/.../FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacb98b0" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3866852208:error:14094418:SSL  routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1087:SSL alert  number 48 [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacb98b0" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3866852208:error:140940E5:SSL  routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:838: [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0001" severity="info" sys="SecureWeb"  sub="http" name="http access" action="pass" method="CONNECT"  srcip="10.1.2.31" dstip="" user="doug" statuscode="200" cached="0"  profile="REF_HttProAir (Air)" filteraction="REF_xtQVuVVAPc (Doug)"  size="0" request="0xacb98b0" url="client49.dropbox.com/"  exceptions="" error=""

Can anyone make any sense out of this?

Thanks,

Doug
[/FONT]


This thread was automatically locked due to age.
  • 0
    Testing on Windows fails as well.

    I'm setting up proxy settings on the app per normal.
  • 0
    Have you tried adding exceptions for SSL scanning?
  • 0
    you can try the exceptions but dropbox may be acting correctly in the presence of a man in the middle(which is what ssl proxying does).  Once a MITM is detected the connection is simply barfed by the remote endpoint.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

  • 0
    Hi Dougga,

    It looks as if you are using SSL scanning in the proxy. In that case, you will indeed need to make exceptions, as this is intended behaviour of the proxy to block "tunneling programs" when SSL scanning is enabled. As these programs don't comply with the certificate process in the normal manner that a website on https would, (as SSL was intended!) they are rendered ineffective when SSL scanning is used.
  • 0
    Simply setup a socks4 or socks5 proxy under 

    network protection > advanced > socks proxy

    Then tell dropbox to use the socks4/socks5 proxy

    :1080

    Worked for me on win7x64 with dropbox v1.4.17.
Cookie Information Banner