Hi All,
I had a webfilter environment as Browser Authenticate in the Active Directoy in Backend Authentication and hd two groups one totally allow and another one with some blocks including social networking, and EVERYTHING always works correctly.
But, in the last weekend I put the authentication mode as Transparent Mode with Active Directory SSO as Default Authentication.
Since this change the group that are totally free start to show the message "web request blocked, forbidden application detected"
Its strange because the message say that is forbidden application and not forbiden surf, I think that is means that the block are happening in the Application Control, then I set a top rule allowing everything for this AD Group and that keep blocking.
Anyone have any idea why that happen ?
2014:11:13-14:30:43 utm httpproxy[5568]: id="0066" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden application detected" action="block" method="GET" srcip="192.168.0.111" dstip="" user="usertest.unblocked" ad_domain="RST" statuscode="403" cached="0" profile="REF_HttProProxy (Proxy)" filteraction="REF_HttCffUnblocked (Unblocked)" size="3368" request="0x1fde7ae8" url="www.facebook.com/" exceptions="" error="" authtime="221" dnstime="18170" cattime="0" avscantime="0" fullreqtime="441928" device="0" auth="2" application="FACEBOOK" app-id="147"
Thx
Marc.
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
