Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
John_Colfer
Contributor
Jump to solution

User check Page not displaying for https sites

Hi Community

Have a strange one for a customer. 

They use URL filtering/Application control. Its working as expected and blocking what it should. When you go to http sites that should be blocked you get this 

But when you go to its https equivalent you get this:

You can see in the logs that everything is working ok:

Its just the Blocked page doesnt display. Has anybody seen this before?

Fairly simple config (I replicated issue on test environment). Its 77.30 Gaia HFA 302.

Thanks in advance and let me know if more info is required.

Thanks

John

1 Solution

Accepted Solutions
Evgeniy_Olkov
Collaborator
Collaborator

Hi. You need to enable https inspection.

View solution in original post

6 Replies
Evgeniy_Olkov
Collaborator
Collaborator

Hi. You need to enable https inspection.

John_Colfer
Contributor

Thanks Evgeniy

We'd prefer not inspect all https connections as this has compliance issues.

Is there another way at all?

Thanks again

John

0 Kudos
Evgeniy_Olkov
Collaborator
Collaborator

There is no other way, as far as I know.

0 Kudos
Juan_Concepcion
Advisor

Without https inspection you cannot inject yourself in the stream to present the user check page, at most you can block the site based off of certificate classification but that is the extent of it.

0 Kudos
Bryan_Bailey
Explorer

I just went through this. Enabling HTTPS inspection that is in R80.10 I found that we had to generate a third part cert, enable the VPN blade, recreate the internal ca cert, import the third party cert and it finally worked. This is / was not documented anywhere. It took me about a week and 4 different TAC calls. To your question. after you get https inspection working, https inspection policy you can create bypass rules for appropriate compliance related matters. I have not created any such rules but the last engineer I spoke with was very helpful in explaining the exact situation you are describing.  Hope this helps. 

John_Colfer
Contributor

Understood. Thanks lads.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events