Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 5166 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

No categorization -> connection refused

robert.giebel
Hello together,

I'm new here. One of our customers recently got a UTM9 (Version  9.204-20) firewall from Sophos and is using the Web Filter. It looks like, there's a problem connecting to the categorization servers, at least from where the firewall is at the moment. I'm getting lots of these errors in the http log: 

2014:08:07-14:11:50 SOPHOS httpproxy[5540]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_handle_cmd" file="scr_scanner.c" line="552" message="cffs05.astaro.com: write: Connection refused"

2014:08:07-14:11:50 SOPHOS httpproxy[5540]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xf1baaa0" function="sc_categorize_url_remote" file="scr_scanner.c" line="993" message="no categorization received for url: http://*****"

2014:08:07-14:11:50 SOPHOS httpproxy[5540]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_handle_cmd" file="scr_scanner.c" line="552" message="cffs05.astaro.com: write: Connection refused"

2014:08:07-14:11:50 SOPHOS httpproxy[5540]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xf2c1980" function="sc_categorize_url_remote" file="scr_scanner.c" line="993" message="no categorization received for url: http://*****"

2014:08:07-14:11:50 SOPHOS httpproxy[5540]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_handle_cmd" file="scr_scanner.c" line="552" message="cffs05.astaro.com: write: Connection refused"

2014:08:07-14:11:50 SOPHOS httpproxy[5540]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xf7ae880" function="sc_categorize_url_remote" file="scr_scanner.c" line="993" message="no categorization received for url: *****"

2014:08:07-14:11:50 SOPHOS httpproxy[5540]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xe91b980" function="send_request_headers" file="request.c" line="396" message="write() on AF 2 socket to 146.0.13.217 failed: Connection refused"


When this happens, the users get a "Connection refused" page shown and aren't happy.
Any idea how I can debug that further or what to do against that?
Is it possible to just accept all not-categorized URLs?

thanks in advance,
Robert


This thread was automatically locked due to age.
Parents
  • 0
    The default setting in Web Filtering is to not block un-categorized sites.  Check your category filter settings.

    Also, if connections to the categorization DB servers is being dropped, check for an upstream firewall upstream that is blocking these connections.  Also, you may want to try forcing the UTM to use the newer, better-performing SophosXL category DB lookup system.  You can do this by simply enabling UTM Endpoint (every license includes a couple of clients for free -- you don't need to configure it all the way, just turn it on) and the Web Control function associated with it.  Not sure why Sophos hasn't made that the default lookup system yet.
Reply
  • 0
    The default setting in Web Filtering is to not block un-categorized sites.  Check your category filter settings.

    Also, if connections to the categorization DB servers is being dropped, check for an upstream firewall upstream that is blocking these connections.  Also, you may want to try forcing the UTM to use the newer, better-performing SophosXL category DB lookup system.  You can do this by simply enabling UTM Endpoint (every license includes a couple of clients for free -- you don't need to configure it all the way, just turn it on) and the Web Control function associated with it.  Not sure why Sophos hasn't made that the default lookup system yet.
Children
No Data