- Products
- Learn
- Local User Groups
- Partners
-
More
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
IDC Spotlight -
Uplevel The SOC
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Hi Community
Have a strange one for a customer.
They use URL filtering/Application control. Its working as expected and blocking what it should. When you go to http sites that should be blocked you get this
But when you go to its https equivalent you get this:
You can see in the logs that everything is working ok:
Its just the Blocked page doesnt display. Has anybody seen this before?
Fairly simple config (I replicated issue on test environment). Its 77.30 Gaia HFA 302.
Thanks in advance and let me know if more info is required.
Thanks
John
Hi. You need to enable https inspection.
Hi. You need to enable https inspection.
Thanks Evgeniy
We'd prefer not inspect all https connections as this has compliance issues.
Is there another way at all?
Thanks again
John
There is no other way, as far as I know.
Without https inspection you cannot inject yourself in the stream to present the user check page, at most you can block the site based off of certificate classification but that is the extent of it.
I just went through this. Enabling HTTPS inspection that is in R80.10 I found that we had to generate a third part cert, enable the VPN blade, recreate the internal ca cert, import the third party cert and it finally worked. This is / was not documented anywhere. It took me about a week and 4 different TAC calls. To your question. after you get https inspection working, https inspection policy you can create bypass rules for appropriate compliance related matters. I have not created any such rules but the last engineer I spoke with was very helpful in explaining the exact situation you are describing. Hope this helps.
Understood. Thanks lads.
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY