Ok guys, I started plugging away and ran into a major issue.
So my UTM is working by all accounts.
I activate HTTPS scanning and the User Portal (with access from only the admin and "guest" user) so that users can download the cert if and when they need. I went to test and see if downloading the cert provided in the user portal allowed access to HTTPS while letting the filter scan it worked.
So I try and go expecting to see a site not trusted from Chrome and nothing. Ok fine. Now I try and use HTTPS to go to bad searches while logged into Google and not only was I able to search for "****" in my case (I was wondering if Google Safe Serach ON would be enforced if it could scan the HTTPS body) but I clicked on the top result for good measure and it went!
Low and behold nothing is being blocked by my filter right now. Aside from the certificate change I recently upgraded my firmware....I have turned the web filter off and on to no avail and I am completely flabbergasted as to what happened. Its almost as if the filter does not exist. And no i'm not in standard mode not pointed to the proxy, its in normal transparent mode. If anyone knows what this is please enlighten me!
Thanks,
Bergie
**Edit**
I have also tried rebooting the hardware, taking the certificate out of my browser in case that was somehow allowing me past everything, and double triple checking with another client laptop to see if they were unfiltered too and indeed they were!!! I'm losing my mind. I can't trust something that just randomly lets everything work after a simple firmware upgrade! I mean had this truly been in production and not just in my home I would be ... in a world of hurt to say the least.
**Edit**
I even tried disabling all firewall rules (for a deny all policy with the exception of my pc > https > sophos rule) so I could access the box and still no luck. I can go anywhere I want on the web unrestricted.
Oddly enough though Google safe search seems to be in effect on HTTP...so somethings working.... leads me to believe its a config issue but for the life of me I can't figure out what it is.
**Edit**
Tried backing up to 2 different old configurations. The first one I was not 100% sure if it was blocking what I am now seeing that is being "allowed" but the second one should have for sure, I made the backup myself and always do a through check before I do. The firmware did stay the same though so perhaps its possible its a problem with it and my settings or hardware or something?
**Edit**
Restored to oldest config I had and the system is back to blocking the content. Not sure what happened there, got me pretty good. I'll try and post once I know what was causing the issue.
This thread was automatically locked due to age.
