Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 1245 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[BUG] Web Filtering -> Exceptions

Siarom
The rule is created for the user, and all users are synchronized by AD. But the rule is not doing to correct exceptions.
UTM v9.006-5 

2013:03:27-08:45:34 secg97 httpproxy[4626]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.51" dstip="12.234.113.129" user="daniel.gurgel" statuscode="200" cached="0" profile="REF_HttProAcessGeral (Acesso Geral)" filteraction="REF_HttCffAcessAtend (Acesso Geral)" size="573" request="0xb98cdb60" url="www.mcafee.com/.../domain.ashx



2013:03:27-08:45:35 secg97 httpproxy[4626]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.51" dstip="12.234.113.129" user="daniel.gurgel" statuscode="200" cached="0" profile="REF_HttProAcessGeral (Acesso Geral)" filteraction="REF_HttCffAcessAtend (Acesso Geral)" size="1192" request="0xbe75a210" url="www.mcafee.com/.../domain.ashx



2013:03:27-08:45:36 secg97 httpproxy[4626]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.51" dstip="12.234.113.129" user="daniel.gurgel" statuscode="200" cached="0" profile="REF_HttProAcessGeral (Acesso Geral)" filteraction="REF_HttCffAcessAtend (Acesso Geral)" size="1354" request="0x92603a88" url="www.mcafee.com/.../domain.ashx



2013:03:27-08:46:00 secg97 httpproxy[4626]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="GET" srcip="192.168.2.51" dstip="" user="daniel.gurgel" statuscode="403" cached="0" profile="REF_HttProAcessGeral (Acesso Geral)" filteraction="REF_HttCffAcessAtend (Acesso Geral)" size="2982" request="0xb6e05aa0" url="www.twitter.com/" exceptions="certcheck,certdate" error="" reason="category" category="195" reputation="neutral" categoryname="Social Networking"


This thread was automatically locked due to age.
  • 0
    For some reason, the Twitter access was handled by a different Exception - one that only skips "certcheck,certdate" as opposed to URL Filter and Content Removal as in the picture.

    The Help includes, "Also, in Standard mode, matching for certain users/groups does not work due to the missing authentication."  That doesn't make sense to me, but I've never tried an exception tied to an AD group.  Anyone else?

    Cheers - Bob
  • 0 in reply to BAlfson
    There is an exception to ignore the certificates for my entire network, regardless, the rules are treated in some order?

    Users and groups are correct ... after Proxy restart, navigation returned to normal.
  • 0
    after Proxy restart, navigation returned to normal

    Arghh!  Can you submit a bug report via a support ticket to Sophos?  This seems like something that should be easy to fix.

    Cheers - Bob