cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

URL Filtering and Application Control in my R80.20 not dropping categories

Hello everyone!

I'm having a strange behavior with URL Filtering and Application Control in my R80.20.

In the beginning, when we installed the blade for the first time, we created a Drop (with Block Notification) rule in Application to block stuff like Media Streams, Sex, Spam, etc., and it was working perfectly. Except for youtube. I know that we need to have HTTPS Inspection active for this to work properly, but it was working for almost everything (facebook, twitter, and others).

The rule:

Then we tried to activate HTTPS Inspection, but something went wrong and all https site were having problems. We decided to revert the activation.

After this, all categories in this rule are not dropping. The behavior is always the same:

- We access the website.

- Chrome or IE gives us "It's not possible to access the site" with the ERR_CONNECTION_RESET.

- After 1 or 2 seconds, the site refreshes and enters the website.

I've never seen this problem. I've searched everywhere and did not find anything related to it.

What bothers me is that it was working and suddenly, puff Smiley Sad 

Any thoughts of what I can do to find the root cause for what's happening?

Best regards,

Bruno Moniz

9 Replies

Re: URL Filtering and Application Control in my R80.20 not dropping categories

Hello Bruno, did you check sk92888?

when you enabled http inspection you also installed the certificate on the computers??

0 Kudos

Re: URL Filtering and Application Control in my R80.20 not dropping categories

Hello Alessandro,

The first time we activated https inspection we:

- imported the certificate with a password to the gateway.

- imported the same certificate with a password and distributed by GPO in Trusted Root Certificate.

It didn't work.

Now we have made another configuration but didn't tested it yet:

imported the certificate with a password to the gateway.

- exported the .cer certificate from the gateway.

- imported and distributed the .cer file in Trusted Root Certificate Authorities and in Trusted Publishers.

But isn't weird that when we rolled back the activation of https inspection, suddenly, categories defined in some rules of URL and Application Filtering stopped working? They were working before activation.

Best regards,

Bruno

Re: URL Filtering and Application Control in my R80.20 not dropping categories

Do you have secureXL enabled? 

0 Kudos

Re: URL Filtering and Application Control in my R80.20 not dropping categories

Alessandro de Lima Marreiro escreveu:

Do you have secureXL enabled? 

Yes, I have.

0 Kudos
Employee+
Employee+

Re: URL Filtering and Application Control in my R80.20 not dropping categories

It seems to me like SSLi is still being enforced. Or at least that is what it sounds like. In Chrome, when you get that ERR Connection Reset, hit F12, click on Security and View the cert. Is it the proper cert for that site?

The other thing you may want to do is clear your cache, or try Incognito mode to that same reset site. I literally this morning had an issue connecting to a SSL site but it worked inside of Incoginito. Clearing my cache corrected it. Granted I do not have SSLi enabled, but it worked a few hours before.

0 Kudos

Re: URL Filtering and Application Control in my R80.20 not dropping categories

Matt Ricketts escreveu:

It seems to me like SSLi is still being enforced. Or at least that is what it sounds like. In Chrome, when you get that ERR Connection Reset, hit F12, click on Security and View the cert. Is it the proper cert for that site?

I've walked this path when trying to figure it out what was happening. It has the proper cert for the site.

 

Matt Ricketts escreveu:

The other thing you may want to do is clear your cache, or try Incognito mode to that same reset site. I literally this morning had an issue connecting to a SSL site but it worked inside of Incoginito. Clearing my cache corrected it. Granted I do not have SSLi enabled, but it worked a few hours before.

I've tried this too, without success.

0 Kudos

Re: URL Filtering and Application Control in my R80.20 not dropping categories

Hello everyone,

I have some interesting updates for you all.

With the help of our support contract team, we found out that the Application Control and URL Filtering Rules with Block Notification are causing the bypass of the rule. If we add just one rule with block notification all goes crazy.

Our block notifications are in Portuguese and I configured the notification to appear only on Portuguese, disabling the English one. I also noticed that by default, the preferred language for new UserCheck messages are English and don't know if this is a problem.

The problem was escalated to Checkpoint support, let's see what happens now.

Best regards,

Bruno Moniz

0 Kudos

Re: URL Filtering and Application Control in my R80.20 not dropping categories

Depois da resposta acima eu precisa responder em português também... rs... já vi cenários em que colocaram o texto em português na configuração do idioma Inglês para contornar problemas.... 

Re: URL Filtering and Application Control in my R80.20 not dropping categories

Alessandro de Lima Marreiro escreveu:

Depois da resposta acima eu precisa responder em português também... rs... já vi cenários em que colocaram o texto em português na configuração do idioma Inglês para contornar problemas.... 

Se tiver que ser

0 Kudos