Page error instead of block page - Webblocker

T10 FW:12.5.2
I'm trying to play with the new "Warn" actions; this is my own firewall, not usually subject to WebBlocker configurations. "Warn" appears to let all traffic through without a warning page, but I noticed "Deny" just throws the browser a reset (err_connection_reset) as opposed to displaying any block page. Not a problem I have with other firewalls.

I cloned the HTTP and HTTPS proxy actions from standard, just to make sure I was starting fresh. Added a fresh firewall policy and included those proxy actions. Still the same result.

IE gives a bit more meat to the error, mentioning TLS version issues, so I tried moving the proxy action between 1.0, 1.1 and 1.2. Still the same result.

Outside of going to a factory default for the whole device, I'm kinda stuck here.

Comments

  • edited January 2020

    If the site is HTTPS, then this is how it works without Inspect and a HTTP proxy action which will provide a proper deny or warn message

  • You're absolutely right, thanks Bruce.
    What a waste of resources considering the Firebox knows it's going to a flagged site even before inspection. You'd need to inspect everything to even make the block/warn pages useful... everything is HTTPS these days, and my firewalls get bogged down considerably using inspection. Page error it is...

  • Without doing Inspect, the HTTPS session is between the web browser and the server, so the firewall can't send a reply back to the web browser.
    With Inspect, the session is between the web browser and the firewall, and then from the firewall to the web server, so the firewall can send a reply back to the web browser.
