me myself and i 0 Posted February 5, 2021 Author Share Posted February 5, 2021 11 hours ago, itman said: My guess is if a transparent proxy was used, there would be no issues with Eset since it would be examining expected port 443 HTTPS traffic. unfortunately wrong The proxy runs in explicit mode on a custom port Link to comment Share on other sites More sharing options...
me myself and i 0 Posted February 5, 2021 Author Share Posted February 5, 2021 @itman this is what I expect to see this is what i get when accessing https sites from a blocked category: Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted February 5, 2021 Administrators Share Posted February 5, 2021 In logs we see that the browser received a blocked page but for an unknown reason it reports an error. The case is still being investigated. Link to comment Share on other sites More sharing options...
ESET Staff Posolsvetla 15 Posted February 5, 2021 ESET Staff Share Posted February 5, 2021 This is intended behavior of both Chrome and Firefox. We serve the blocking page with HTTP/1.0 403 Blocked by ESET Security, as the immediate response to CONNECT blocked.domain.com:443 HTTP/1.1 Such response is blocked by browsers, and therefore not shown, in the case of https for security reasons, see e.g. https://bugs.chromium.org/p/chromium/issues/detail?id=137891 In order to make the browsers show the page we would need to proceed with the tunnel establishment and serve the blocking page only in there. Currently there is no ETA when this change will be done. It would be implemented in Internet protection module and therefore the clients would receive the update automatically. Link to comment Share on other sites More sharing options...
me myself and i 0 Posted February 5, 2021 Author Share Posted February 5, 2021 9 minutes ago, Posolsvetla said: This is intended behavior of both Chrome and Firefox. ..and Edge, and Vivaldi... is there a browser where it works? 15 minutes ago, Posolsvetla said: We serve the blocking page with HTTP/1.0 403 Blocked by ESET Security, as the immediate response to CONNECT blocked.domain.com:443 HTTP/1.1 Such response is blocked by browsers, and therefore not shown, in the case of https for security reasons, see e.g. https://bugs.chromium.org/p/chromium/issues/detail?id=137891 In order to make the browsers show the page we would need to proceed with the tunnel establishment and serve the blocking page only in there if I understand correctly, this does not work anywhere? are we the only company using ESET and a proxy? Best Stefan Link to comment Share on other sites More sharing options...
ESET Staff Posolsvetla 15 Posted February 5, 2021 ESET Staff Share Posted February 5, 2021 24 minutes ago, me myself and i said: is there a browser where it works? if I understand correctly, this does not work anywhere? The source code of only Chrome and Firefox was checked. The majority, if not all, of the browsers are expected to behave similarly. 24 minutes ago, me myself and i said: are we the only company using ESET and a proxy? Probably not. But as it's been like this for several years already, you are the 1st (AFAIK) to actually care enough to report the issue. Link to comment Share on other sites More sharing options...
me myself and i 0 Posted February 5, 2021 Author Share Posted February 5, 2021 8 minutes ago, Posolsvetla said: Probably not. But as it's been like this for several years already, you are the 1st (AFAIK) to actually care enough to report the issue. wow.... sounds like a bonus for me *smile* and since it is the second error (see here) there is perhaps a double bonus? *double-smile* what are the next steps? Will you inform me when the problem is solved? Link to comment Share on other sites More sharing options...
ESET Staff Posolsvetla 15 Posted February 5, 2021 ESET Staff Share Posted February 5, 2021 9 minutes ago, me myself and i said: what are the next steps? Will you inform me when the problem is solved? We will take care of the issue, but please note it might take some time as there might be more urgent work to be done. I will sent you a PM when it's released for business users. Please do not expect it to be soon, e.g. the usual release workflow (in cases like this) lasts several weeks. Link to comment Share on other sites More sharing options...
itman 1,760 Posted February 5, 2021 Share Posted February 5, 2021 (edited) In the Cisco WSA documentation in regards to HTTPS proxy configuration, it is stated that transparent proxy mode was provided in the instance where individual client devices are not configured to use a proxy. It was already stated in this thread that this installation does not configure individual client devices to use a proxy. As such, I believe setting Cisco WSA HTTPS proxy to transparent mode would be the solution to this issue. Broadcom has a short article of the difference between explicit and transparent proxies: https://knowledge.broadcom.com/external/article/166958/the-differences-between-explicit-proxy-a.html . The main thing to note in this article is how browsers behave when either proxy is used. So lets look at Firefox's default proxy setting for example: It's using Win 10 system proxy settings by default. If a network perimeter appliance explicit proxy was set on my network and this is not set up properly in my Win 10 system settings or defined in FireFox itself, I can see how FireFox could have issues with explicit proxy network traffic. Edited February 5, 2021 by itman Link to comment Share on other sites More sharing options...
me myself and i 0 Posted February 25, 2021 Author Share Posted February 25, 2021 Hi Posolsvetla any news for me regarding this issue/bug? Best Link to comment Share on other sites More sharing options...
ESET Staff Posolsvetla 15 Posted February 25, 2021 ESET Staff Share Posted February 25, 2021 Hi, no, unfortunately there is nothing new. Link to comment Share on other sites More sharing options...
me myself and i 0 Posted March 11, 2021 Author Share Posted March 11, 2021 Hi Posolsvetla still nothing new? Best Link to comment Share on other sites More sharing options...
me myself and i 0 Posted April 16, 2021 Author Share Posted April 16, 2021 One month later... still nothing new? Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,172 Posted September 27, 2023 ESET Moderators Share Posted September 27, 2023 Hello guys, the feature is implemented in Internet protection module 1457. Today (September 27, 2023) it has been released on pre-release update channel, further releases will scheduled later. Peter Link to comment Share on other sites More sharing options...
Recommended Posts