OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 18.1 Legacy Series »
  • Web Proxy - Inconsistent filtering and protocol mismatch
« previous next »
  • Print
Pages: [1]

Author Topic: Web Proxy - Inconsistent filtering and protocol mismatch  (Read 1822 times)

ddoke

  • Newbie
  • *
  • Posts: 5
  • Karma: 0
    • View Profile
Web Proxy - Inconsistent filtering and protocol mismatch
« on: April 16, 2018, 10:24:32 am »
Hello all,
We would like to use a transparent Web proxy in order to block visitors from accessing undesirable Websites.

Here are some of the issues we are encountering:

* Websites that match one of the filtered category seem to be blocked. I.e.: www.ubs.com cannot be accessed even though the “bank” category is not blacklisted.

* When trying to access via HTTPS a Website that matches a filtered category that isn’t white-listed, we receive an SSL error on the browser. A network capture shows Squid responding with an Access Denied message in plain-text HTTP, and not HTTPS.

The error that is reoccurring in the access logs is TCP_Denied, but we can’t tell specifically what ACL we are hitting.
We are able to access some HTTPS Websites, it’s only when the access is denied that we receive a response in HTTP, and we also cannot tell why it’s being denied.

Other websites that don’t work: www.youtube.com, ch.archive.ubuntu.com

What are your suggestions?
Logged

ddoke

  • Newbie
  • *
  • Posts: 5
  • Karma: 0
    • View Profile
Re: Web Proxy - Inconsistent filtering and protocol mismatch
« Reply #1 on: April 18, 2018, 01:48:21 pm »
Hi there,
Can anyone help on this?
Doesn't seem like the filters are applied or treated correctly.
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 18.1 Legacy Series »
  • Web Proxy - Inconsistent filtering and protocol mismatch
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2