Web-filtering will not filter blocked websites

Hi guys!

First post here, I apologize so bear with me. I received my home licence and immediately went to installing it on one of my machines to test.

To make a long story short, I have watched all the Sophos web filtering training videos, looked at the built-in firewall help, browsed the forums and reviewed threads online on how to configure web filtering. I have quadruple-checked my settings against the videos and everything appears to be right; however, no websites are blocked. Ironically, the policy test tells me it's blocked. Also, it seems the browser authentication does not work.

I have attached some screenshots for you to take a look at. Perhaps I just messed a setting up. Any help would be greatly appreciated!!


  • What version?  Looks like 9.2something.

    What do the logs show?

    Via CLI: /var/log/http.log or the GUI: Logging & Reporting->View Log Files-> Web Filtering

    First confirm the UTM is seeing the web traffic.
  • Hi, DeltaTek, and welcome to the User BB!

    A quick way to see what teched suggests is to open the Web Filtering Live Log by clicking on the icon at the top of WebAdmin between "admin" and the question mark.  If you hover over that icon, you can choose to launch a different Live Log rather than the pre-selected context-sensitive one.

    Cheers - Bob
  • Hi guys! Thank you so much for such a quick response. This is what my live log shows:

    2014:06:08-13:15:37 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="820" message="server 'cffs05.astaro.com' access time: 316ms"
    2014:06:08-13:15:38 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="820" message="server 'cffs27.astaro.com' access time: 312ms"
    2014:06:08-13:15:38 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="820" message="server 'cffs20.astaro.com' access time: 313ms"
    2014:06:08-13:15:38 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="820" message="server 'cffs09.astaro.com' access time: 336ms"
    2014:06:08-13:15:39 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="820" message="server 'cffs26.astaro.com' access time: 383ms"
    2014:06:08-13:15:39 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="820" message="server 'cffs16.astaro.com' access time: 371ms"
    2014:06:08-13:15:40 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="820" message="server 'cffs08.astaro.com' access time: 398ms"
    2014:06:08-13:15:40 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="820" message="server 'cffs10.astaro.com' access time: 436ms"
    2014:06:08-13:15:41 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="820" message="server 'cffs17.astaro.com' access time: 510ms"
    2014:06:08-13:15:41 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="820" message="server 'cffs15.astaro.com' access time: 509ms"


    This is what the "view" shows


    I think it sees traffic (or so I hope) but for some reason it will not filter :/

    Also yes I am running 9.2 sorry!
  • What is the full version 9.20x-xx?

    The cffsNN.astaro.com lines are the proxy testing the responses from one of the categorization service options (the other is SXL but it doesn't log the same).

    There is no sign of http traffic passing through your UTM from those ~40 minutes worth of logs.

    What is your network topology and how is the web traffic expected to traverse the UTM?

    This line is from 9.111-11 so it is a bit, but not entirely, different from what should be seen in your logs for a web request:

    2014:06:08-14:43:26 utm httpproxy[5625]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.101" dstip="189.76.156.100" user="" statuscode="301" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="20" request="0xa27c4a5" url="jornaldesantacatarina.clicrbs.com.br/.../plain" application="http"


    Comfortable with the command line?   tcpdump might come in handy.
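One way to run the check teched describes against `/var/log/http.log`, as an added example that is not part of the original thread: it separates the `sc_check_servers` categorization-server probes from `name="http access"` lines and counts requests per client. The sample lines are constructed (shortened from the formats quoted above) and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample, shortened from the httpproxy line formats quoted in this thread.
SAMPLE_LOG = """\
2014:06:08-13:15:37 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" message="server 'cffs05.astaro.com' access time: 316ms"
2014:06:08-13:15:38 DedSec httpproxy[6496]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" message="server 'cffs27.astaro.com' access time: 312ms"
2014:06:08-14:43:26 utm httpproxy[5625]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.101" url="http://jornaldesantacatarina.clicrbs.com.br/" content-type="text/plain"
"""

HEADER = re.compile(r"^\S+ \S+ httpproxy\[\d+\]: ")   # timestamp, hostname, process
FIELD = re.compile(r'([\w-]+)="([^"]*)"')              # key="value" pairs

def parse_line(line):
    """Return the key="value" fields of one httpproxy line, or None for other lines."""
    line = line.strip()
    m = HEADER.match(line)
    if not m:
        return None
    return dict(FIELD.findall(line[m.end():]))

def summarize(log_text):
    """Count categorization-server probes versus real client requests."""
    probes, clients, actions = 0, Counter(), Counter()
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields is None:
            continue
        if fields.get("function") == "sc_check_servers":
            probes += 1                                # proxy timing its cffsNN servers
        elif fields.get("name") == "http access":
            clients[fields.get("srcip", "?")] += 1     # a request that went through the proxy
            actions[fields.get("action", "?")] += 1
    return {"health_checks": probes, "requests": sum(clients.values()),
            "clients": dict(clients), "actions": dict(actions)}

def sees_client_traffic(log_text):
    """True only if at least one client request was logged by the proxy."""
    return summarize(log_text)["requests"] > 0

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

A log that yields only `health_checks` and zero `requests`, as in the excerpt posted above, means the proxy is running but no client traffic is reaching it, so no filter action can apply.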
  • What is the full version 9.20x-xx?

    The cffsNN.astaro.com lines are the proxy testing the responses from one of the categorization service options (the other is SXL but it doesn't log the same).

    There is no sign of http traffic passing through your UTM from those ~40 minutes worth of logs.

    What is your network topology and how is the web traffic expected to traverse the UTM?

    This line is from 9.111-11 so it is a bit, but not entirely, different from what should be seen in your logs for a web request:

    2014:06:08-14:43:26 utm httpproxy[5625]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.101" dstip="189.76.156.100" user="" statuscode="301" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="20" request="0xa27c4a5" url="http://jornaldesantacatarina.clicrbs.com.br/" exceptions="" error="" category="141" reputation="neutral" categoryname="Portal Sites" content-type="text/plain" application="http"


    Comfortable with the command line?   tcpdump might come in handy.


    Thank you for helping me out Teched.

    The full firmware version is 9.201-25

    I use brighthouse as my ISP. I have a Ubee DDW3611 Modem/Router hybrid. I have disabled DHCP on the modem/router. The Sophos is the DHCP server. 

    I have attached some pictures below so I am not leaving you in the dark. I have heard some things about needing to be in bridge mode, but I have not done much with bridging. And it would seem the only other option for bridge mode I have in my Ubee router is "Pass through", which requires a MAC address of some sort. Attached a pic of that too.
  • You are using only one interface on your UTM?

    Have you configured the clients to use the UTM as a proxy server?

    I think we may need to start at the beginning - how do you want this network to work/look?  

    Can you draw a network topology?  (logical and physical)  Try LucidChart if you have nothing else.
  • I agree with teched that you should start at the beginning.  Here's what I found before his last post...

    A quick google found the bridge mode trick.  You definitely want to have: ISP>------LAN.  The downside of this is that the device's wireless becomes useless.

    At present, your Modem/Router appears to be in the same subnet with your UTM and all of your other devices, so none of the traffic from them transits the UTM.

    Once you have the modem bridged, your External interface in your UTM should be able to get a public IP and you should set DHCP to pass out the IP of "Internal (Address)" as the default gateway for the devices on your LAN.

    In fact, you might be able to resolve most of your issues without having to bridge the modem.  Just changing DHCP as mentioned, and leaving the modem's IP as the default gateway for the Internal interface, might resolve most of your present issues.

    Cheers - Bob
  • Very sorry for a late response guys. One second I was configuring a firewall, the next I am obligated to house watch for someone.

    You both are completely correct. I sat down while I had some off time and re-thought how I was going to do this. I decided it might be best to just get a modem (like the Motorola SBG series), link that to the firewall and then use a switch.

    However, BAlfson, you were correct about the DHCP and the gateway. It worked perfectly! Everything is now being filtered and authentication works great! I immediately started to test the AV against PUAs and things like Cryptolocker. It works so well I am wondering if I even need a PC AV?
  • You always need AV on the PCs.
    Something can slip through, or get in the house via USB stick or external storage media.
    Just to be sure, it's better to keep it installed ;)