Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 1874 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Astaro Proxy server blocked the request

jayaprakashkumar
Hello,

Could you Please help on the below, 
Astaro proxy server blocked the web request and proxy web filter logs showing user values in Chinese character.

Any one could you please suggest...

Proxy web filter logs:-
---------------------
2012:06:21-11:55:57 astaro-ddf httpproxy[5731]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x83b92e18" function="adir_auth_process_ntlm" file="auth_adir.c" line="1244" message="lm response security buffer outside packet or response to long" 
2012:06:21-11:55:57 astaro-ddf httpproxy[5731]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x83b92e18" function="auth_adir_auth_crap_callback" file="auth_adir.c" line="1061" message="Authorization denied (NT_STATUS_NO_SUCH_USER)" 
2012:06:21-11:55:57 astaro-ddf httpproxy[5731]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="192.168.1.192" dstip="" user="䱇协䕓" statuscode="407" cached="0" profile="REF_YxPXGVhBym (Astaro Proxy)" filteraction=" ()" size="4603" request="0x83b92e18" url="ebics.db.com/" exceptions="" error=""


This thread was automatically locked due to age.
  • 0
    Hi, and welcome to the User BB!

    NT_STATUS_NO_SUCH_USER

    What version - V8.30x?  If so, are there any winbindd errors in the log?  If not, then it appears there's something wrong with the authentication server configuration.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hi,

    Current firmware version is :  8.305,

    Please find the attached all log screen shots file image007.png and image008.png, from this which log we need to check or which log is required identify the issue.

    Thanks
  • 0
    Search on winbind in the Web Filtering file for 2012:06:21.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hi,
    We don't see any error related to winbind in the Web Filtering file on that day(2012:06:21). i have attached new screen shot of web filtering log.

    we see only Authorization denied (NT_STATUS_NO_SUCH_USER) error in the log.

    Pls suggest is anything we can check to resolve this issue...

    Thanks...
  • 0
    This may be a related problem.  Try:
    • Delete astaro-ddf from the Computers in your Active Directory.
    • From WebAdmin, 'Definitions and Users >> Authentication Servers', 'Single Sign-On' tab, join the Astaro to your domain again.

    Did that fix your problem?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Cookie Information Banner