Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 2394 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bug in SSL filtering?

_Richard_
I am having problems accessing a web page when SSL scanning on the Sophos UTM is set to 'decrypt and scan'.  When I change this to 'URL filtering only' the page displays ok and I am able to login to the web page.
I have only come across one URL where this is a problem, but no doubt other URLs may be affected also.

The URL in question is:

http://www.capitalone.co.uk/web/sign-in.jsf

I have tried adding the capitalone.co.uk domain to the list of allowed websites, however this does not resolve the problem.
Can anyone advise me as to any additional configuration settings I could change so I can view this page with SSL scanning set to 'decrypt and scan', or is this a bug that can only be resolved with updated firmware? 

thanks,

Richard


This thread was automatically locked due to age.
  • 0
    Hey,

    Have you tried adding an exception under web protection filtering options?  This way you can disable ssl scanning and other options for that site.  

    I think putting the site in allowed list won't do anything if the site isn't blocked under a specific category.
  • 0 in reply to Ross86
    Many Credit Card (and other high-risk sites) sites do not work with SSL Scanning enabled, and an Exception to skip SSL scanning for the site would be required to fix that issue.  I know that some sites include code/detection systems that detect "man in the middle" SSL attacks and that causes problems, as, essentially, that's what the UTM does to do SSL scanning.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0
    Thanks for your responses Ross86 and BrucekConvergent, your suggestion of adding an SSL scanning exception has worked and I can now access the site.

    thanks,

    Richard
  • 0
    No prob, glad it's working [:)]
  • 0
    Here's an Exception I put in in every installation:



    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Bob, every .com you skip SSL scanning?  At that point, why enable it at all?

    As an aside, there is more selective SSL scanning in 9.3.
  • 0
    Michael, I took away the cloaking so that you now can see that I marked out the domain name.

    Beam me up, Scotty!  [[[:D]]][[[:D]]][[[:D]]]

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Cookie Information Banner