I activated webblocker in my watchguard m570. I added all categories that i need to deny access and i affected my policy to HTTP and HTTPS proxies but no result. please what i have to do ?
What XTM version are you running?
On your HTTPS proxy action, do you have Inspect enabled?
If so, the HTTPS proxy uses the WebBlocker profile in the HTTP proxy action to filter the content
Turn on Logging for Reports on both your HTTP & HTTPS proxy actions, if not already selected. This will cause log records in Traffic Monitor which can help with problem resolution.
Please post an example HTTP URL where WebBlocker is not working.
Do you have any policy in your config which can allow HTTP & HTTPS packets which has a higher precedence (lower number) than your HTTP & HTTPS proxy policies ?
What XTM version are you running? --> 12.3.1
On your HTTPS proxy action, do you have Inspect enabled? I cannot approuve if yes or not (all what i see) is that - Application control , geolocalisation, IPS Policy are enabled and my HTTPS-PROXY is enabled too you can see that in the pic.
See also all the configuration in pics and the example of not working.
You need to edit the HTTP & HTTPS proxy action, and make any needed changes there.
When you change a default proxy action you will be prompted to save the change as a new proxy action name.
Please guide me, i´m newer in watchguard. it´s my first config
Select the View/Edit Proxy icon on your HTTPS proxy, on the Action de proxy line.
The same for the HTTP proxy
HTTPS-Proxy: Content Inspectionhttps://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/https/https_proxy_contentinspection_c.html
HTTP Request: General Settingshttps://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/http/http_req_gen_settings_c.html
You can access specific Help documentation pages by clicking on the Help button on a Policy Manager screen.
i did all of this.
result : somes URLs are blocked but i don´t see any deny/warn message to indicate that the firewall blocked the URL
To see deny log messages in Traffic Monitor for denies caused by WebBlocker:
On your HTTPS proxy action -> WebBlocker tab, you do have "Log this action" selected ?
If not, select it.
You can also select the "Log this action" on Subscription Services -> WebBlocker -> Configure on each of the WebBlocker actions there.
Make sure that the ones used on your HTTP & HTTPS proxies have "Log this action" selected.
For sites which are blocked by the HTTP proxy, users should see a deny message on their web browsers which reflects the HTTP proxy action Deny Message.
For sites which are blocked by the HTTPS proxy, I believe that the only way that a user would see a deny message on their web browser is if Inspect is enabled on the HTTPS proxy action, and then the users should see a deny message on their web browsers which reflects the Deny Message from the HTTP proxy action specified on the HTTPS proxy action.
Note that implementing Inspect requires the installation of a cert on the client machines.
Use Certificates with HTTPS Proxy Content Inspectionhttps://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/certificates/cert_https_proxy_resign_c.html?Highlight=https certificate
Many sites, including mine, use Inspect.