Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 2215 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

URL being blocked despite exception ruling set to bypass all checks

mactag
Hi,

I'm hoping someone can shed some light on an issue I'm having with a particular URL that fails to load. The browser displays 'Connection timed out' and the log output for the request lists the following:-

2013:05:01-15:39:27 proxy httpproxy[6487]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="172.20.22.136" dstip="152.99.246.11" user="aaaaaa" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4672" request="0xc49708a8" url="www.dapa.go.kr/" exceptions="av,content,url,mime,cache,fileextension" error="Connection timed out"

The URL successfully loads from all other internet connections except for the one going through the Astaro.

I am using an Astaro ASG320 firmware 8.305.

If anyone can help it would be appreciated.

Regards,
Mark.


This thread was automatically locked due to age.
  • 0
    statuscode="502" [...] exceptions="av

    Mark, it looks like you've made the best possible adjustment with your exception.  I think your only alternative is to add that FQDN to 'Exceptions' in 'Proxy Settings' for your clients.

    However, there's no problem with it from here.  V8.309.  Standard/AD-SSO with SSL scanning enabled.  If your 320 isn't at the edge with a public IP, maybe your edge device is causing this for the Astaro.

    Cheers - Bob
  • 0
    In version 8.3, country blocking is very powerfull. Have you checked there?
  • 0
    oldeda is right!  I thought about but failed to add what I call Rule #1 (enhanced):

    Whenever something seems strange, always check the Intrusion Prevention,
    Application Control and Firewall logs.


    Cheers - Bob
  • 0 in reply to BAlfson
    Hi,

    The issue has turned out to be nothing to do with the Astaro device, for some reason the owners of the domain are blocking our Public IP address.

    Thanks for the help.

    Mark.