WebBlocker Exceptions not applying

bhx90

Hi,

I'm using WebBlocker to restrict Internet Access from my servers so in the WebBlocker Action I'm denying all categories and using Exceptions to allow traffic when needed.

Using pattern matching seems to work as expected but when I use Exact Match the exception is still blocking the traffic.

For example, I have an exception to allow enterpriseregistration.windows.net, but in the logs I can see the following:

ProxyHTTPSReq
HTTPS Request
disp=Deny
pri=6
policy=HTTPS-proxy-GSA-00
protocol=https/tcp
src_ip=10.10.8.3
src_port=49890
dst_ip=20.190.159.67
dst_port=443
src_intf=PROD-SERVERS
dst_intf=External
rc=548
proxy_act=HTTPS-Client.Standard-GSA.3
msg=HTTPS Request
pr=https/tcp
sent_bytes=199
update_time=2026-03-06 14:10:18
log_type=tr
geo_dst=IRL
rcvd_bytes=6112
sig_vers=18.410
wgc_cluster_id=442545
action=drop
msg_id=2CFF-0000
app_id=0
tag_name=ProxyHTTPSReq
sni=enterpriseregistration.windows.net
app_cat_id=0
sn=C03B035EDEB47
device_name=SZF-M590-PRI
2CFF-0000

Can anyone offer some advice to get this working? Also any general best practise advice around exceptions would also be welcome.

Bruce_Briggs

This looks like an end of session summary log message caused by “Logging for reports” being selected.
There should be an earlier log message showing the reason for the deny.