
site blocked ....internet server reset connection

Hi everyone, I have several cases, but I'll post each one separately.

I opened traffic to load images from site. Arduino uses the Flickr service to show its images inside the portal.
First I tried with * and *, something similar worked well with other sites, but unfortunately this time it did not work. After a few hours I resolved it with regular expressions:

(^|.*\.)*staticflickr\.com
(^|.*\.)*flickr\.com

Now I try to open traffic to, but no custom application works properly:

(^|.*\.)*manageengine\.com (this as a regular expression in another app)
The browser shows the error ERR_CONNECTION_RESET.

In Wireshark I can see that the server resets the connection.

If I open all internet traffic to a single local IP address, the site loads without problems on that host.

What am I doing wrong? Why in some cases did it work for me and not in this one?


0 Kudos
2 Replies

It has to do with the certificate provided by
Specifically, it's not providing a CN or DN for us to match against.
And, unless you're either using HTTPS Inspection or R80.30, we can't see what server you're trying to connect to (R80.30 supports Verified SNI).
The RST is because it's HTTPS and we cannot inject a block page.

Perhaps you can create a signature using the Application Control Signature Tool instead.
0 Kudos

I use HTTPS categorization, so if I understand correctly, the FW in this configuration can compare the SUBJECT | CN property, but it does not verify the SUBJECT ALT NAME, where the domain of the site I want to access resides, and therefore the browser complains that a secure connection could not be established (SECURE CONNECTION FAILED ... in Firefox). Please confirm if I am correct.

My options are:
- Use the Application Control Signature Tool and test it.
- Activate HTTPS Inspection.

I already verified with HTTPS Inspection and yes, it works. I want to try the first option too.

I will notify you after the result.

0 Kudos
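The behaviour discussed in this thread, as an added example that is not part of the original posts and is not Check Point code: a simplified model of which server name a gateway has available to match a custom-application regex against, depending on whether it sees only the certificate subject CN, an SNI verified against the certificate, or the decrypted session. The mode names, the `covers` and `allowed` helpers and the certificate fields are assumptions constructed for illustration; only the regex patterns come from the thread.

```python
import re

# Patterns from the thread (spaces introduced by extraction removed).
PATTERNS = {
    "staticflickr": r"(^|.*\.)*staticflickr\.com",
    "manageengine": r"(^|.*\.)*manageengine\.com",
}

# Constructed connection records; these are NOT the real sites' certificates.
FLICKR = {"sni": "live.staticflickr.com", "cn": "*.staticflickr.com",
          "san": ["*.staticflickr.com"]}
ME = {"sni": "www.manageengine.com", "cn": "",          # no CN in the subject
      "san": ["*.manageengine.com", "manageengine.com"]}
SPOOFED = {"sni": "www.manageengine.com", "cn": "",
           "san": ["unrelated.example"]}                # SNI not covered by cert


def covers(cert_name, host):
    """True if a certificate name (exact or leading '*.' wildcard) covers host."""
    if cert_name.startswith("*."):
        return "." in host and host.split(".", 1)[1] == cert_name[2:]
    return cert_name == host


def visible_names(conn, mode):
    """Names available for matching in this simplified model (assumption)."""
    if mode == "cn_only":        # categorization on the certificate subject only
        return [conn["cn"]] if conn["cn"] else []
    if mode == "verified_sni":   # trust the SNI only if the certificate covers it
        names = conn["san"] + ([conn["cn"]] if conn["cn"] else [])
        return [conn["sni"]] if any(covers(n, conn["sni"]) for n in names) else []
    if mode == "inspection":     # session decrypted, requested host is known
        return [conn["sni"]]
    raise ValueError(f"unknown mode: {mode}")


def allowed(conn, mode, pattern):
    """True if any visible name fully matches the custom-application regex."""
    rx = re.compile(pattern)
    return any(rx.fullmatch(name) for name in visible_names(conn, mode))


if __name__ == "__main__":
    for mode in ("cn_only", "verified_sni", "inspection"):
        print(mode,
              "flickr:", allowed(FLICKR, mode, PATTERNS["staticflickr"]),
              "manageengine:", allowed(ME, mode, PATTERNS["manageengine"]))
```

In the CN-only mode the second site never matches because there is no name to test the regex against, which mirrors the reset the poster saw; the `SPOOFED` record shows why an SNI is only usable once it has been checked against the certificate.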