Hello All,
I cannot block all HTTPS sites except explicitly defined HTTPS sites...
I want to create a filter for a specific user (host actually) to ONLY be able to access online banking, Google (to search for banking sites only) and mail (Gmail, Yahoo mail and Hotmail) Here is what I tried.
1. Checked the “Scan HTTPS(SSL) Traffic” on Web Protection\Web Filtering Global Tab
2. Created a Filter Action
Name: “Google with Banking,gmail,yahoo,hotmail”
Mode: Block by default
Threshold: Off
Allow these website catagories: Finance/Investing
Allow these URL sites:
Name: “Google with Banking,gmail,yahoo,Hotmail”
Domains: Left this Blank
https://www.google.com/
https://mail.google.com/
http://mail.yahoo.com/
[url=http://www.hotmail.com/
Checked “Use Antivirus scanning”
3. Created a new filter action:
Name: “Google with Banking,gmail,yahoo,hotmail allways”
Allowed Users/Groups: Left this one blank
Time Event: Allways
Filter Action: “Google with Banking,gmail,yahoo,hotmail”
4. Created a Proxy Profile
Name: “Client IP 192.168.2.5”
Position: 1 (only one profile so far)
Source Networks:
Name: “Client IP 192.168.2.5”
Type: Host
IPv4 Address: 192.168.2.5
Filter Assignments: “Google with Banking,gmail,yahoo,hotmail allways”
Fallback Action: Default Filter Action
Operation Mode: Transparent
Authentication Type: None
Full Transparent mode: Did not check this
Scan HTTPS(SSL) Traffic: Did not check this
This works well to access the URLS listed in the filter action (Step 2. Above) and blocks all URLS using HTTP protocol but it DOES NOT block any URLS starting with HTTPS protocol.
When I also check the “Scan HTTPS(SSL) Traffic” on the “Client IP 192.168.2.5” Proxy Profile object, HTTPS sites are blocked but so are my allowed sites as defined in the “Google with Banking,gmail,yahoo,hotmail” Filter action (Step 2 above).
Can anyone see what I am doing wrong here?
Thanks!
This thread was automatically locked due to age.
