HTTPS-Proxy Domain names default rule

I'm new to managing Firebox and I'm stuck on a proxy setup that I can't manage to fix.
My default setup is to Deny any HTTPS traffic in a secure network except for some domain names to which traffic is allowed. So if there is no match with the domain names, the rule is to Deny, and for the domain names included in the table, the rule is to Allow.
In theory, it means there is no content inspection and it should work, and the webpage is reached, but in some cases it is not shown properly or some features are still locked.
Am I using this policy properly? Is there some HTTP header or other setup necessary in addition to the HTTPS-proxy policy?
If I change Deny by default to Allow, everything works fine and fast, so it looks related to this policy.
Thanks in advance for any help on this.

Comments

  • Web page content can come from more than 1 domain name.
    Quite often there are CDN (content delivery network) sites which are used.
    So, you need to find out all of the domain names that you need to allow for specific problem sites.
    Look at the denies in Traffic Monitor when a problem site is accessed to see what might need to be added.

  • Also - since HTTPS is encrypted, there are no HTTP headers or any content etc. which are visible to the firewall without Inspection being enabled.

  • Great point!! Thanks. I'll test it as soon as possible!

  • Hi Bruce, just to confirm it worked! I was monitoring the denied URLs and, once I selected the minimum necessary, it's working. Thanks a lot!
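
The default-deny behaviour discussed in this thread, as an added example that is not part of the original posts and not WatchGuard code: it models a domain-name allow list with a Deny fallback and shows which hostnames of one page load fall through to Deny. The hostnames, patterns and function names are constructed for illustration, and shell-style glob matching is an assumed stand-in for the Firebox's own pattern matching.

```python
from collections import Counter
from fnmatch import fnmatchcase

# Hypothetical allow list, written as shell-style globs (assumed pattern syntax).
ALLOW_PATTERNS = ["www.example.com", "*.example.com"]

# Constructed sample: hostnames that a single page load requested over HTTPS.
PAGE_HOSTS = [
    "www.example.com",          # the site itself
    "static.example.com",       # same domain, covered by the wildcard
    "cdn.example-assets.net",   # CDN on a different domain
    "img.example-assets.net",
    "fonts.example-fonts.org",  # third-party resource
    "cdn.example-assets.net",   # requested twice
]


def normalize(host):
    """Lower-case the name and drop a trailing dot so matching is consistent."""
    return host.lower().rstrip(".")


def action_for(host, patterns):
    """Any matching pattern allows; no match falls through to the default Deny."""
    name = normalize(host)
    return "Allow" if any(fnmatchcase(name, p.lower()) for p in patterns) else "Deny"


def denied_hosts(hosts, patterns):
    """Return (hostname, hits) for every denied name, most frequent first."""
    hits = Counter(normalize(h) for h in hosts if action_for(h, patterns) == "Deny")
    return hits.most_common()


def minimal_additions(hosts, patterns):
    """Exact hostnames (no wildcards) still missing from the allow list."""
    return sorted(name for name, _ in denied_hosts(hosts, patterns))


if __name__ == "__main__":
    for name, hits in denied_hosts(PAGE_HOSTS, ALLOW_PATTERNS):
        print(f"Deny  {name}  ({hits} requests)")
    print("Candidate entries:", minimal_additions(PAGE_HOSTS, ALLOW_PATTERNS))
```

Adding exact hostnames rather than broad wildcards keeps the allow list as narrow as the default-deny policy intends.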