This website uses cookies. By browsing this website, you consent to the use of cookies. Learn more.
OK
ABOUT CHECKMATES & FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Help
Highlighted
John_Colfer
John_Colfer
Nickel
‎2018-11-14 07:46 AM

User check Page not displaying for https sites

Jump to solution

Hi Community

Have a strange one for a customer. 

They use URL filtering/Application control. Its working as expected and blocking what it should. When you go to http sites that should be blocked you get this 

But when you go to its https equivalent you get this:

You can see in the logs that everything is working ok:

Its just the Blocked page doesnt display. Has anybody seen this before?

Fairly simple config (I replicated issue on test environment). Its 77.30 Gaia HFA 302.

Thanks in advance and let me know if more info is required.

Thanks

John

Tags (1)
Reply
1 Solution

Accepted Solutions
Evgeniy_Olkov
Evgeniy_Olkov
Copper
‎2018-11-14 10:00 AM

Re: User check Page not displaying for https sites

Jump to solution

Hi. You need to enable https inspection.

Reply
6 Replies
Evgeniy_Olkov
Evgeniy_Olkov
Copper
‎2018-11-14 10:00 AM

Re: User check Page not displaying for https sites

Jump to solution

Hi. You need to enable https inspection.

Reply
John_Colfer
John_Colfer
Nickel
‎2018-11-15 02:28 AM

Re: User check Page not displaying for https sites

Jump to solution

Thanks Evgeniy

We'd prefer not inspect all https connections as this has compliance issues.

Is there another way at all?

Thanks again

John

0 Kudos
Reply
Evgeniy_Olkov
Evgeniy_Olkov
Copper
‎2018-11-15 02:34 AM

Re: User check Page not displaying for https sites

Jump to solution

There is no other way, as far as I know.

0 Kudos
Reply
Juan_Concepcion
Juan_Concepcion
Silver
‎2018-11-15 11:12 AM

Re: User check Page not displaying for https sites

Jump to solution

Without https inspection you cannot inject yourself in the stream to present the user check page, at most you can block the site based off of certificate classification but that is the extent of it.

0 Kudos
Reply
Bryan_Bailey
Bryan_Bailey
Ivory
‎2018-11-16 07:13 AM

Re: User check Page not displaying for https sites

Jump to solution

I just went through this. Enabling HTTPS inspection that is in R80.10 I found that we had to generate a third part cert, enable the VPN blade, recreate the internal ca cert, import the third party cert and it finally worked. This is / was not documented anywhere. It took me about a week and 4 different TAC calls. To your question. after you get https inspection working, https inspection policy you can create bypass rules for appropriate compliance related matters. I have not created any such rules but the last engineer I spoke with was very helpful in explaining the exact situation you are describing.  Hope this helps. 

Reply
John_Colfer
John_Colfer
Nickel
‎2018-11-16 12:38 AM

Re: User check Page not displaying for https sites

Jump to solution

Understood. Thanks lads.

0 Kudos
Reply