Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 9817 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Business Video Conference Site Blocked

gzartman
I've got SSL Filtering setup with transparent proxy and it is blocking a business video conference site and I can't seem to figure out why.  The site is called zoom.us.   I have talked with the support folks at zoom and they say go create exceptions for .zoom.us and *.zoomsvr.com.  So, I created the following:

^https?://[A-Za-z0-9.-]*\.zoom\.us/
^http?://[A-Za-z0-9.-]*\.zoom\.us/
^https?://[A-Za-z0-9.-]*\.zoomsvr\.com/
^http?://[A-Za-z0-9.-]*\.zoomsvr\.com/

Connection to the video conferencing is still being blocked (works fine with filtering shut off).  

I pulled up the live log for web filtering and I'm not seeing any blocked log entries.  The only entry that stands out are these 2 ssl error entries:

2014:04:22-23:09:13 gateway httpproxy[17663]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xd880ee0" function="ssl_log_errors" file="ssl.c" line="86" message="C 192.168.0.102: 4090403696:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1256:SSL alert number 48"

2014:04:22-23:09:13 gateway httpproxy[17663]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xd880ee0" function="ssl_log_errors" file="ssl.c" line="86" message="C 192.168.0.102: 4090403696:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:989:"


I'm not sure if this is associated with the video conferencing or not. 

Any suggestions on how to track this down?

Thanks

Greg


This thread was automatically locked due to age.
  • 0
    A quick follow-up:

    I setup my client machine to connect directly to the proxy server so that I wasn't using transparent proxy and the video conference connection works fine.  Seems this is just an issue with transparent proxy.

    Is their a way to fix this?

    Thanks,

    Greg
  • 0
    Can you please post full http log of when it is not working?

    How is your HTTPS scanning set?

    What version of the UTM are you using?
  • 0 in reply to Michael Dunn
    Can you please post full http log of when it is not working?


    I'll post at the end of this message


    How is your HTTPS scanning set?


    Transparent mode, HTTPS Decrypt and Scan, Filter set to force safe search, all other settings are default.


    What version of the UTM are you using?


    9.201-23

    Live Log during connection problem (192.168.0.102 is my client IP address): 

    2014:04:23-20:35:35 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.0.102" dstip="173.194.33.99" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="134" request="0xf103760" url="https://talkgadget.google.com/u/0/talkgadget/_/_/diagnostics/?_reqid=21966931&rt=j" exceptions="" error="" authtime="0" dnstime="1" cattime="53718" avscantime="0" fullreqtime="221794" device="0" auth="0" reputation="trusted" reputation="trusted" category="122,157" reputation="trusted" categoryname="Instant Messaging,Web Phone" content-type="application/json"

    2014:04:23-20:35:38 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="695561" request="0xea96220" url="http://198.45.52.169/531440178.ismv/range/215338784-216034344?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1108548832" exceptions="" error="" authtime="0" dnstime="1" cattime="48938" avscantime="0" fullreqtime="164970" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:35:40 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="135179" request="0xea96220" url="http://198.45.52.169/531432358.isma/range/8002928-8138106?c=us&n=33490&v=3&e=1398338463&t=oeBFLZ4tYm1BZ-okmWycbGcsrDE&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=670691266" exceptions="" error="" authtime="0" dnstime="1" cattime="115283" avscantime="0" fullreqtime="327878" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:35:42 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="741781" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/216034345-216776125?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=467002602" exceptions="" error="" authtime="0" dnstime="1" cattime="54343" avscantime="0" fullreqtime="175795" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:35:44 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.0.102" dstip="173.194.33.99" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="134" request="0xda59dc0" url="https://talkgadget.google.com/u/1/talkgadget/_/_/diagnostics/?_reqid=18466121&rt=j" exceptions="" error="" authtime="0" dnstime="1" cattime="52933" avscantime="0" fullreqtime="277044" device="0" auth="0" reputation="trusted" reputation="trusted" category="122,157" reputation="trusted" categoryname="Instant Messaging,Web Phone" content-type="application/json"

    2014:04:23-20:35:44 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="999036" request="0xea96220" url="http://198.45.52.169/531440178.ismv/range/216776126-217775161?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1928327490" exceptions="" error="" authtime="0" dnstime="1" cattime="126102" avscantime="0" fullreqtime="254180" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:35:45 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.102" dstip="173.194.33.164" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="3501" request="0xda59540" url="https://talkgadget.google.com/u/0/talkgadget/_/channel/bind?VER=8&clid=AABEADBC3A173743&prop=aChromeExtension&ec=%5B1%2C1%2C0%2C%22chat_wcs_20140417.094111_RC2%22%5D&RID=rpc&SID=72DEAFAA4B39F243&CI=0&AID=805&gsessionid=TaZLw--hb1g&TYPE=xmlhttp&zx=iwmk6ma7ki3x&t=1" exceptions="" error="" authtime="0" dnstime="1" cattime="54504" avscantime="0" fullreqtime="239258" device="0" auth="0" reputation="trusted" category="122,157" reputation="trusted" categoryname="Instant Messaging,Web Phone" content-type="text/plain"

    2014:04:23-20:35:46 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="1078376" request="0xea96220" url="http://198.45.52.169/531440178.ismv/range/217775162-218853537?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=179063307" exceptions="" error="" authtime="0" dnstime="1" cattime="54068" avscantime="0" fullreqtime="191687" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:35:48 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.0.102" dstip="173.194.33.99" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="134" request="0xec00660" url="https://talkgadget.google.com/u/0/talkgadget/_/_/diagnostics/?_reqid=10364363&rt=j" exceptions="" error="" authtime="0" dnstime="1" cattime="50108" avscantime="0" fullreqtime="226755" device="0" auth="0" reputation="trusted" reputation="trusted" category="122,157" reputation="trusted" categoryname="Instant Messaging,Web Phone" content-type="application/json"

    2014:04:23-20:35:50 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="780581" request="0xea96220" url="http://198.45.52.169/531440178.ismv/range/218853538-219634118?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1378241362" exceptions="" error="" authtime="0" dnstime="1" cattime="47735" avscantime="0" fullreqtime="233760" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:35:51 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.0.102" dstip="173.194.33.99" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="134" request="0xec01980" url="https://talkgadget.google.com/u/0/talkgadget/_/_/diagnostics/?_reqid=22066931&rt=j" exceptions="" error="" authtime="0" dnstime="1" cattime="50516" avscantime="0" fullreqtime="232460" device="0" auth="0" reputation="trusted" reputation="trusted" category="122,157" reputation="trusted" categoryname="Instant Messaging,Web Phone" content-type="application/json"

    2014:04:23-20:35:54 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.0.102" dstip="54.243.87.177" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="3426" request="0xf102660" url="https://zoom.us/conf/i?cv=2.5.40588.0417" exceptions="" error="" authtime="0" dnstime="1" cattime="46624" avscantime="0" fullreqtime="400310" device="0" auth="0" reputation="neutral" reputation="neutral" category="157,178" reputation="neutral" categoryname="Web Phone,Internet Services" content-type="application/x-protobuf"

    2014:04:23-20:35:59 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="135261" request="0xf103dc0" url="http://198.45.52.169/531432358.isma/range/8138107-8273367?c=us&n=33490&v=3&e=1398338463&t=oeBFLZ4tYm1BZ-okmWycbGcsrDE&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=910121246" exceptions="" error="" authtime="0" dnstime="1" cattime="60485" avscantime="0" fullreqtime="2710645" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:35:59 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="742869" request="0xea96220" url="http://198.45.52.169/531440178.ismv/range/219634119-220376987?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1694494814" exceptions="" error="" authtime="0" dnstime="1" cattime="51759" avscantime="0" fullreqtime="4179848" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:03 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="653078" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/220376988-221030065?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=343450095" exceptions="" error="" authtime="0" dnstime="1" cattime="48022" avscantime="0" fullreqtime="412911" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:03 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="927675" request="0xea96220" url="http://198.45.52.169/531440178.ismv/range/221030066-221957740?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=217039667" exceptions="" error="" authtime="0" dnstime="1" cattime="52043" avscantime="0" fullreqtime="187165" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:05 gateway httpproxy[17663]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xeb15dc0" function="ssl_log_errors" file="ssl.c" line="86" message="C 192.168.0.127: 4100909936:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1256:SSL alert number 48"

    2014:04:23-20:36:05 gateway httpproxy[17663]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xeb15dc0" function="ssl_log_errors" file="ssl.c" line="86" message="C 192.168.0.127: 4100909936:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:"

    2014:04:23-20:36:05 gateway httpproxy[17663]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="192.168.0.127" dstip="54.245.114.132" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="0" request="0xeb15dc0" url="https://nrdp.nccp.netflix.com" exceptions="" error="Failed to verify server certificate" authtime="0" dnstime="17360" cattime="50060" avscantime="0" fullreqtime="188867" device="0" auth="0" category="112" reputation="neutral" categoryname="Entertainment"

    2014:04:23-20:36:08 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="935824" request="0xea96220" url="http://198.45.52.169/531440178.ismv/range/221957741-222893564?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1416217722" exceptions="" error="" authtime="0" dnstime="1" cattime="52977" avscantime="0" fullreqtime="182701" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:11 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="848416" request="0xea96220" url="http://198.45.52.169/531440178.ismv/range/222893565-223741980?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1081430854" exceptions="" error="" authtime="0" dnstime="1" cattime="48445" avscantime="0" fullreqtime="174249" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:11 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="135077" request="0xf103dc0" url="http://198.45.52.169/531432358.isma/range/8273368-8408444?c=us&n=33490&v=3&e=1398338463&t=oeBFLZ4tYm1BZ-okmWycbGcsrDE&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=760657739" exceptions="" error="" authtime="0" dnstime="1" cattime="68218" avscantime="0" fullreqtime="331023" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:15 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="957646" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/223741981-224699626?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=140216195" exceptions="" error="" authtime="0" dnstime="1" cattime="45345" avscantime="0" fullreqtime="168531" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:17 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.0.102" dstip="173.194.33.99" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="134" request="0xeb6e220" url="https://talkgadget.google.com/u/1/talkgadget/_/_/diagnostics/?_reqid=18566121&rt=j" exceptions="" error="" authtime="0" dnstime="1" cattime="58143" avscantime="0" fullreqtime="251751" device="0" auth="0" reputation="trusted" reputation="trusted" category="122,157" reputation="trusted" categoryname="Instant Messaging,Web Phone" content-type="application/json"

    2014:04:23-20:36:19 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="607855" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/224699627-225307481?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=30222677" exceptions="" error="" authtime="0" dnstime="1" cattime="57973" avscantime="0" fullreqtime="199407" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:22 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.0.102" dstip="132.235.9.10" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="3340" request="0x9832880" url="https://blackboard.ohio.edu" exceptions="av,auth,content,url,ssl,certcheck,mime,cache,fileextension,size" error="" authtime="0" dnstime="14067" cattime="0" avscantime="0" fullreqtime="301930681" device="0" auth="0"

    2014:04:23-20:36:23 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="1035820" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/225307482-226343301?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=892210707" exceptions="" error="" authtime="0" dnstime="1" cattime="46280" avscantime="0" fullreqtime="169970" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:25 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.0.169" dstip="54.244.120.150" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="850" request="0x9833540" url="https://cbp-us.nccp.netflix.com/nccp/controller/2.11/heartbeat" exceptions="" error="" authtime="0" dnstime="23516" cattime="67292" avscantime="0" fullreqtime="386175" device="0" auth="0" reputation="neutral" category="112" reputation="neutral" categoryname="Entertainment" content-type="text/xml"

    2014:04:23-20:36:25 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="372758" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/226343302-226716059?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1971901154" exceptions="" error="" authtime="0" dnstime="1" cattime="55100" avscantime="0" fullreqtime="181154" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:25 gateway httpproxy[17663]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xe4facc0" function="ssl_log_errors" file="ssl.c" line="86" message="C 192.168.0.102: 4086201200:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1256:SSL alert number 48"

    2014:04:23-20:36:25 gateway httpproxy[17663]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xe4facc0" function="ssl_log_errors" file="ssl.c" line="86" message="C 192.168.0.102: 4086201200:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:989:"

    2014:04:23-20:36:25 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="" srcip="192.168.0.102" dstip="74.125.129.84" user="" statuscode="000" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="0" request="0xe4facc0" url="https://74.125.129.84/" exceptions="" error="" authtime="0" dnstime="4" cattime="0" avscantime="0" fullreqtime="297" device="0" auth="0"

    2014:04:23-20:36:27 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="135038" request="0xf103dc0" url="http://198.45.52.169/531432358.isma/range/8408445-8543482?c=us&n=33490&v=3&e=1398338463&t=oeBFLZ4tYm1BZ-okmWycbGcsrDE&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1883012322" exceptions="" error="" authtime="0" dnstime="1" cattime="57203" avscantime="0" fullreqtime="177057" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:27 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="23.208.231.117" user="" statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="453" request="0xd9cb320" url="http://toolbar.avg.com/roc/generic?cid=&CmpID=0214b&mid=&uid=057226183138396e&pr=&d=&lang=&v=&pid=AVG&sg=&parameter_av_profile=NO_AV&parameter_av_version=&tu=2&get=false&prodOp=1&ABTestOptionID=1&UserTime=2014-04-23%2020:36:24.000" exceptions="" error="" authtime="0" dnstime="39454" cattime="57449" avscantime="0" fullreqtime="500138" device="0" auth="0" category="105,175" reputation="trusted" categoryname="Business,Software/Hardware" content-type="text/html"

    2014:04:23-20:36:28 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="23.208.231.117" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="1444" request="0xd9cb320" url="http://toolbar.avg.com/Campaigns/DynamicCampaign.aspx?ABTestOptionID=1&cid=&CmpID=0214b&mid=&uid=057226183138396e&pr=&d=&lang=&v=&pid=AVG&sg=&parameter_av_profile=NO_AV&parameter_av_version=&tu=2&get=false&prodOp=1&ABTestOptionID=1&UserTime=2014-04-23+20%3a36%3a24.000" exceptions="" error="" authtime="0" dnstime="1" cattime="49490" avscantime="0" fullreqtime="259489" device="0" auth="0" category="105,175" reputation="trusted" categoryname="Business,Software/Hardware" content-type="text/html"

    2014:04:23-20:36:29 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="583999" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/226716060-227300058?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=2063361256" exceptions="" error="" authtime="0" dnstime="1" cattime="53002" avscantime="0" fullreqtime="180914" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:30 gateway httpproxy[17663]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xea97320" function="is_server_certificate_valid" file="ssl.c" line="735" message="Unable to get peer certificate"

    2014:04:23-20:36:30 gateway httpproxy[17663]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.0.131" dstip="15.201.144.112" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="0" request="0xea97320" url="https://15.201.144.112/" exceptions="" error="Failed to verify server certificate" authtime="0" dnstime="4" cattime="0" avscantime="0" fullreqtime="0" device="0" auth="0"

    2014:04:23-20:36:33 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="700493" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/227300059-228000551?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1833880130" exceptions="" error="" authtime="0" dnstime="1" cattime="52010" avscantime="0" fullreqtime="180224" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:37 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="536275" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/228000552-228536826?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1536614858" exceptions="" error="" authtime="0" dnstime="1" cattime="56480" avscantime="0" fullreqtime="230887" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:41 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="732154" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/228536827-229268980?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1246440519" exceptions="" error="" authtime="0" dnstime="1" cattime="49788" avscantime="0" fullreqtime="194055" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:43 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="135339" request="0xf103dc0" url="http://198.45.52.169/531432358.isma/range/8543483-8678821?c=us&n=33490&v=3&e=1398338463&t=oeBFLZ4tYm1BZ-okmWycbGcsrDE&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1344823441" exceptions="" error="" authtime="0" dnstime="1" cattime="48974" avscantime="0" fullreqtime="173358" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:45 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="635856" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/229268981-229904836?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1016959393" exceptions="" error="" authtime="0" dnstime="1" cattime="49922" avscantime="0" fullreqtime="178256" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:49 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="643866" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/229904837-230548702?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=75744734" exceptions="" error="" authtime="0" dnstime="1" cattime="130849" avscantime="0" fullreqtime="257400" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:54 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="772846" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/230548703-231321548?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=623882469" exceptions="" error="" authtime="0" dnstime="1" cattime="48343" avscantime="0" fullreqtime="178142" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:58 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="534337" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/231321549-231855885?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=289095601" exceptions="" error="" authtime="0" dnstime="1" cattime="88999" avscantime="0" fullreqtime="213906" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:36:59 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="135210" request="0xf103dc0" url="http://198.45.52.169/531432358.isma/range/8678822-8814031?c=us&n=33490&v=3&e=1398338463&t=oeBFLZ4tYm1BZ-okmWycbGcsrDE&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=724668548" exceptions="" error="" authtime="0" dnstime="1" cattime="89042" avscantime="0" fullreqtime="223010" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:37:02 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="484190" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/231855886-232340075?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=717745728" exceptions="" error="" authtime="0" dnstime="1" cattime="99348" avscantime="0" fullreqtime="230367" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:37:05 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="752977" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/232340076-233093052?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1654608837" exceptions="" error="" authtime="0" dnstime="1" cattime="77952" avscantime="0" fullreqtime="210313" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:37:10 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="751153" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/233093053-233844205?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1888896277" exceptions="" error="" authtime="0" dnstime="1" cattime="48646" avscantime="0" fullreqtime="173084" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:37:15 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="715178" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/233844206-234559383?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1022556697" exceptions="" error="" authtime="0" dnstime="1" cattime="58065" avscantime="0" fullreqtime="195642" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:37:16 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="135077" request="0xe822ee0" url="http://198.45.52.169/531432358.isma/range/8814032-8949108?c=us&n=33490&v=3&e=1398338463&t=oeBFLZ4tYm1BZ-okmWycbGcsrDE&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=1615138848" exceptions="" error="" authtime="0" dnstime="187" cattime="53491" avscantime="0" fullreqtime="287734" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"

    2014:04:23-20:37:22 gateway httpproxy[17663]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.169" dstip="198.45.52.169" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffZartman (Zartman)" size="488834" request="0xf103dc0" url="http://198.45.52.169/531440178.ismv/range/235258521-235747354?c=us&n=33490&v=3&e=1398338463&t=AXwy4YRT3_q8uNb0-9uzKxC_z_E&d=cbp&p=5.zv0kbCpWIzWD7rPJ2BFPF1l3zz-_15w2VYmdxumdXpM&random=158620274" exceptions="" error="" authtime="0" dnstime="1" cattime="52647" avscantime="0" fullreqtime="181628" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" content-type="application/octet-stream"
  • 0
    This is unfortatnley common problem with Sophos and any SSL scanning with transparent mode (which is what we use... until we go to 9.2 and will just use "URL filtering only"

    All you can do to fix this is add it to the "Skip transparent mode destination hosts/nets"

    In 9.2 its under Web Protection > Filtering Options > Misc tab, add the domain there and click apply. You should be good to go. However, if there is more than one ip/site it trys to connect to you will need to add them there as well.

    Also under the same misc tab make sure "Bypass content scanning for streaming content"
  • 0
    From the logs:
    url="nrdp.nccp.netflix.com" exceptions="" error="Failed to verify server certificate"

    Try adding an exception for
    ^https?://[A-Za-z0-9.-]*\.netflix\.com
    That removes HTTPS scanning and Certificate checks.

    To me it looks like the video should be playing...  every 5 seconds or so it is doing a byterange request asking for the next chunk of video.

    If that isn't working...  You could try temporarily changing to HTTPS URL Filter Only to see if it makes a difference - if it does, then we have diagnosed part of the problem, you can turn it on again and we should figure out where to make the exception.

    I will note that only a single thing went to zoom.us and the exception was not applied.  This is because the exceptions you wrote require a subdomain.  Try these:

    ^https?://([A-Za-z0-9.-]*\.)?zoom\.us/
    ^https?://([A-Za-z0-9.-]*\.)?zoomsvr\.com/

    The ? means the preceding thing is optional (0 or 1).
  • 0 in reply to Michael Dunn
    From the logs:
    url="https://nrdp.nccp.netflix.com" exceptions="" error="Failed to verify server certificate"

    Try adding an exception for
    ^https?://[A-Za-z0-9.-]*\.netflix\.com
    That removes HTTPS scanning and Certificate checks.


    My daughter thanks you for troubleshooting this.  She was having issues with netflix, but I was brushing her off.  [:)]

    Note:  I'm testing Sophos UTM home edition on my home LAN for deployment in my business.



    I will note that only a single thing went to zoom.us and the exception was not applied.  This is because the exceptions you wrote require a subdomain.  Try these:

    ^https?://([A-Za-z0-9.-]*\.)?zoom\.us/
    ^https?://([A-Za-z0-9.-]*\.)?zoomsvr\.com/

    The ? means the preceding thing is optional (0 or 1).


    That did the trick.  The conference app now connects without issue.  

    Many things for the help!

    Greg
Unfiltered HTML