Sophos UTM 320 v9.201-23:
Trying to setup rules on the UTM to allow certain trusted websites to have access whether in "Standard" or "Transparent" mode. The idea being that certain third party partners sites should not require authentication and would work even if an ActiveX (or other plugin) did not know how detect and interact with the UTM as a Proxy (using "Standard' mode). For some reason I keep running into "The URL you have requested is blocked by Surf Protection" with a Report of "Uncategorized is not allowed" appearing. I thought "Exceptions" would allow you to ignore the "Uncategorized" block that is defined in the policy.
Web Protection > Web Filtering
Global >
Allowed Networks: Production
Operation Mode: Transparent Mode
Default Authentication: None
Policies >
Categories "Block all content, except as specified below" with each Category option set to "Block" including "Uncategorized websites"
Web Protection > Web Filter Profiles
Filter Profiles > Production Profile
Allowed networks: Production
Operation Mode: Standard Mode
Default Authentication: Active Directory SSO
Policies > Various rules for groups to have access with a Base Policy of Blocking if the user is not a member of any of the groups specified above in the Filter Policies.
Filter Options > Exceptions
Example Exception entry:
Skip these checks: Authentication & URL Filter
Matching these URLs: ^https?://([A-Za-z0-9.-]*\.)?testsite\.com/
At first I thought this was due to a site being HTTPS (which according to the documentation Transparent mode may cause issues and require an entry in the "Transparent Mode Skiplist") but then I ran into the same issue for an HTTP site.
To me there needs to be a way to have an Exception which disables the "Surf Protection" when connecting using the "Transparent" mode.
This thread was automatically locked due to age.
