Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 2706 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Astaro blocking DropBox

SalishSwede
I'm seeing the following errors in the Web Filtering logs which appear to be the root cause of Drop Box not working at all on a Mac

ASG 8.301 running on a VMWare ESX Hypervisor

Mac:  OSX Lion

DropBox:  downloaded today


[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0001" severity="info" sys="SecureWeb"  sub="http" name="http access" action="pass" method="CONNECT"  srcip="10.1.2.31" dstip="" user="doug" statuscode="200" cached="0"  profile="REF_HttProAir (Air)" filteraction="REF_xtQVuVVAPc (Doug)"  size="0" request="0xba84038" url="client35.dropbox.com/.../FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacc5478" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3900423024:error:14094418:SSL  routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1087:SSL alert  number 48 [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacc5478" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3900423024:error:140940E5:SSL  routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:838: [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0001" severity="info" sys="SecureWeb"  sub="http" name="http access" action="pass" method="CONNECT"  srcip="10.1.2.31" dstip="" user="doug" statuscode="200" cached="0"  profile="REF_HttProAir (Air)" filteraction="REF_xtQVuVVAPc (Doug)"  size="0" request="0xacc5478" url="client51.dropbox.com/.../FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacc5ce8" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3883637616:error:14094418:SSL  routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1087:SSL alert  number 48 [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacc5ce8" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3883637616:error:140940E5:SSL  routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:838: [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0001" severity="info" sys="SecureWeb"  sub="http" name="http access" action="pass" method="CONNECT"  srcip="10.1.2.31" dstip="" user="doug" statuscode="200" cached="0"  profile="REF_HttProAir (Air)" filteraction="REF_xtQVuVVAPc (Doug)"  size="0" request="0xacc5ce8" url="client85.dropbox.com/.../FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacb98b0" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3866852208:error:14094418:SSL  routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1087:SSL alert  number 48 [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0003" severity="info" sys="SecureWeb"  sub="http" request="0xacb98b0" function="ssl_log_errors" file="ssl.c"  line="50" message="C 10.1.2.31: 3866852208:error:140940E5:SSL  routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:838: [/FONT]
[FONT=monospace]2012:04:04-03:26:12  wahine httpproxy[28516]: id="0001" severity="info" sys="SecureWeb"  sub="http" name="http access" action="pass" method="CONNECT"  srcip="10.1.2.31" dstip="" user="doug" statuscode="200" cached="0"  profile="REF_HttProAir (Air)" filteraction="REF_xtQVuVVAPc (Doug)"  size="0" request="0xacb98b0" url="client49.dropbox.com/"  exceptions="" error=""

Can anyone make any sense out of this?

Thanks,

Doug
[/FONT]


This thread was automatically locked due to age.
Parents
  • 0
    Hi Dougga,

    It looks as if you are using SSL scanning in the proxy. In that case, you will indeed need to make exceptions, as this is intended behaviour of the proxy to block "tunneling programs" when SSL scanning is enabled. As these programs don't comply with the certificate process in the normal manner that a website on https would, (as SSL was intended!) they are rendered ineffective when SSL scanning is used.
Reply
  • 0
    Hi Dougga,

    It looks as if you are using SSL scanning in the proxy. In that case, you will indeed need to make exceptions, as this is intended behaviour of the proxy to block "tunneling programs" when SSL scanning is enabled. As these programs don't comply with the certificate process in the normal manner that a website on https would, (as SSL was intended!) they are rendered ineffective when SSL scanning is used.
Children
No Data