Jump to content

Web filtering and SSL


Michelle911
 Share

Recommended Posts

I am having issues with the web and email portion. I have enabled protocol filtering and setup rules for web access and control. I filter social media websites, video/audio streaming, porn, etc and find that it doesn't work properly unless I also have SSL filtering enabled. When SSL is enabled, it blocks all SSL/https traffic. I then have to put in exceptions for anything https that we need to access, including apps functions in Quickbooks. This is a huge pain - I can find no log anywhere for that, so I change the filtering mode under SSL to interactive to see what things ask for permission. Is there a setting that I'm missing or is it supposed to block all SSL/https traffic? I do have setup Quickbooks as an excluded application - that does not work either, I assume because it accesses external sites for credit card processing etc. I have also unchecked under SSL "Block encrypted communication utilizing the obsolete protocol SSL v2", which did not help either. Anyone have any experience with this?

Link to comment
Share on other sites

  • Administrators

To exclude Quickbooks from SSL/TLS filtering, open the advanced setup, navigate to Web and Email -> SSL/TLS -> List of SSL/TLS filtered applications and change the scan action for Quickbooks to "Ignore".

Link to comment
Share on other sites

I have done that and Quickbooks was only one example. What I want to know is if every SSL/https website is going to be blocked meaning that I have to exclude every https address that I want to go to. Some of these for example, are in Quickbooks which I have no idea of.

Link to comment
Share on other sites

  • Administrators

What browser do you use? Maybe the root certificate could not be imported to a trusted root CA certificate store which would cause issues when opening https websites. Try the following:
- restart Windows
- do not launch any application and open the advanced setup
- navigate to Web and Email -> SSL/TLS, disable SSL/TLS filtering and click ok
- re-enable SSL/TLS filtering
- wait a few seconds, then open an https website in a browser.

Let us know if the https website opens alright.

Link to comment
Share on other sites

I forgot to say we use remote administrator 6.4 to control these settings. We have a mixture of internet explorer and chrome. It always seems to come from applications, not an address entered per se - another program for example is Roboform - It connects to a secure site to sync an "everywhere account" and would not sync through the app until I put the address in the allowed url's, but the program was already listed in the excluded applications. And the allowed url's list is on the top of all other lists.

Link to comment
Share on other sites

  • 2 weeks later...

Happened again yesterday where I had to enter oauth.quickbooks.com and *.dropbox.com for those desktop products to connect through the filtering. I already had *.quickbooks.com, so I'm confused as to why I had to enter that specifically. 

I'm still wondering if this is by design or if I need to tweak some setting.

Link to comment
Share on other sites

  • Administrators

If I understand it correctly, applications other than web browsers connect to some https sites, such as quickbooks.com. If that's the case, in the advanced setup -> Web and email protection exclude these applications from protocol filtering.

Link to comment
Share on other sites

I had both Quickbooks and Dropbox in the excluded application list, but updates and other types of traffic within the app were being still blocked so I had to add specific exclusions as noted above.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...