Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Reject action is seen in log for a rule with Drop action - blocked entire web session

Hi,

We have a R80.20 standalone gateway. We use URL filtering and application control, consequently, have a rule to block different web categories. After installing the latest jumbo hotfix, the rule that blocks web categories rejects packets in https traffic instead of dropping. This happens because connections which could not be redirected (to user check block portal for https, this is an expected issue) are now rejected and seems to close the whole session, see sk158293

Translating this to my environment and if I am not wrong, when user browsed to a website and parts of the site (other links like adverts) are blocked per the rule, the user cannot be redirected to User Check Block portal and the whole session is rejected.

As a workaround, I split the rule and created a specific one to block only web adverts in which users are not redirected to the Check Block portal. Doing so, there is no reject actions and session is not close, users can brose a website in which some parts are dropped for being web adverts. Actually, this makes sense as adverts are links embedded into the main web, so we don't need to show the Check Block Portal for them.

I hope this can help others

 

Luis 

2 Replies
Admin
Admin

That's a good tip.
I assume ads are also being served up over https, so couldn't see the portal anyway unless you were using HTTPS Inspection.
0 Kudos
Highlighted

Yes, that's correct, Ads were also being served up over https. If using https inspection, this problem would not exist. 

0 Kudos