cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
John_Colfer
Nickel

User check Page not displaying for https sites

Jump to solution

Hi Community

Have a strange one for a customer. 

They use URL filtering/Application control. Its working as expected and blocking what it should. When you go to http sites that should be blocked you get this 

But when you go to its https equivalent you get this:

You can see in the logs that everything is working ok:

Its just the Blocked page doesnt display. Has anybody seen this before?

Fairly simple config (I replicated issue on test environment). Its 77.30 Gaia HFA 302.

Thanks in advance and let me know if more info is required.

Thanks

John

Tags (1)
1 Solution

Accepted Solutions

Re: User check Page not displaying for https sites

Jump to solution

Hi. You need to enable https inspection.

View solution in original post

6 Replies

Re: User check Page not displaying for https sites

Jump to solution

Hi. You need to enable https inspection.

View solution in original post

John_Colfer
Nickel

Re: User check Page not displaying for https sites

Jump to solution

Thanks Evgeniy

We'd prefer not inspect all https connections as this has compliance issues.

Is there another way at all?

Thanks again

John

0 Kudos

Re: User check Page not displaying for https sites

Jump to solution

There is no other way, as far as I know.

0 Kudos

Re: User check Page not displaying for https sites

Jump to solution

Without https inspection you cannot inject yourself in the stream to present the user check page, at most you can block the site based off of certificate classification but that is the extent of it.

0 Kudos

Re: User check Page not displaying for https sites

Jump to solution

I just went through this. Enabling HTTPS inspection that is in R80.10 I found that we had to generate a third part cert, enable the VPN blade, recreate the internal ca cert, import the third party cert and it finally worked. This is / was not documented anywhere. It took me about a week and 4 different TAC calls. To your question. after you get https inspection working, https inspection policy you can create bypass rules for appropriate compliance related matters. I have not created any such rules but the last engineer I spoke with was very helpful in explaining the exact situation you are describing.  Hope this helps. 

Highlighted
John_Colfer
Nickel

Re: User check Page not displaying for https sites

Jump to solution

Understood. Thanks lads.

0 Kudos