- CheckMates
- :
- Products
- :
- Harmony
- :
- Endpoint
- :
- Re: Error:-failed to download file.try again but o...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Error:-failed to download file.try again but only if you trust this site
failed to download file.try again but only if you trust this site
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please look here Sandblast agent for browser - file can not be downloaded, in the comments there is a suggestion that you are using both Threat Emulation and SandBlast Agent at the same time
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I already check it. But TE blade is disabled is GW and Error does not come every time, Customer faces it from some specific sites.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As per the file that I see from screenshot that you share is basically download from a mail.
can you go to the “threadwiki.checkpoint.com” and try to download the dummy file and check whether it’s block by sandblast agent or not ?
when we see this kind of messages when you download from any trusted sites then just exclude the domain to avoid this kind of message.
Thanks
#Chinmaya Naik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Its a known limitation (one-time links) of SandBlast Browser, which is mentioned in sk108695.
When you click on a link to download a file, the browser extension detects this download attempt and stops it, then generate a new download request to the same URL, but this time the download should go through the extension and be inspected.
This can only happen if the URL stays the same, now when we have a one-time link (AKA dynamic links), this is randomly generated links which means that every download attempt gets its own unique URL.
When trying to download from a one-time link, the extension try's to download from the link that was generated at the first click, but this link is no longer valid and therefore we get this error of "Failed to download the file. Please try again only if you trust this site".
If you are sure the file is not malicious and you trust the website (in this case we are talking about an internal site so there shouldn't be any problem) you can simply exclude this IP address in the Threat Emulation policy.
What will happen the next time you click on the link?
The extension will not inspect the file and it will be downloaded according to the fail open/close of the Threat Emulation policy.
Meaning - the file will be allowed/blocked according to what you configure in the policy if you configure the action "Allow" in Threat Emulation policy (When neither Emulation or Extraction are supported).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have the same issue. Getting error "failed to download file.try again but only if you trust this site" from harmony. I have excluded domain from TE and other b;ades but now I am getting different error.
33,"category":"File bypass","action":"Error getting original file","label":"Error getting original file","customVar5Key":"file_extension","customVar5Val":"pptx"}
2022-03-09 9:34:00:742: LEVEL: INFO | MODULE: ANALITICS | SESSION: 38d2f692 | MESSAGE: "trackAction send" | PARAMS: {"id":2033,"category":"File stats","action":"Download file from web","label":"Error","value":67,"customVar5Key":"file_extension","customVar5Val":"pptx"}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Check your policy for emulation on network level, if you have set it up to emulate files, then you have two systems trying to get access and emulate the same file... Put an exclusion for the devices that you have SBA installed in your network policy.
Thanks,
Charris Lappas
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
but TE and TEX blade is disabled is GW.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
in GW
