New Site Blocked even with Exception

Hello,
I have a Firebox M370 with new websites blocked in HTTPS proxy. I want to allow a new site that belongs to one of our staff but the "allow" exception I entered isn't working.

This is the deny message I get:

2020-11-04 12:58:32 Deny 192.168.3.106 192.254.189.68 https/tcp 56130 443 3-Jr High 0-External HTTPS Request (HTTPS-proxy Jr H Allow Teachers-00) HTTPS-Client.Jr High Teachers proc_id="https-proxy" rc="548" msg_id="2CFF-0000" proxy_act="HTTPS-Client.Jr High Teachers" tls_profile="TLS-Client-HTTPS.Standard.1" tls_version="TLS_V12" sni="lifesbestmedicine.com" cn="lifesbestmedicine.com" cert_issuer="CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US" cert_subject="CN=lifesbestmedicine.com" action="drop" app_id="0" app_cat_id="0" sent_bytes="210" rcvd_bytes="2999" geo_dst="USA" Traffic

I opened the HTTPS-proxyJr H Allow Teachers and edited the HTTPS-Client.Jr High Teachers. In the content inspection category I entered an ALLOW action for the domain name https://lifesbestmedicine.com/. I configured it for "exact match" then for "pattern match" but the site is still blocked as you see here:

2020-11-04 14:11:30 Deny 192.168.3.106 192.254.189.68 https/tcp 56633 443 3-Jr High 0-External HTTPS Request (HTTPS-proxy Jr H Allow Teachers-00) HTTPS-Client.Jr High Teachers proc_id="https-proxy" rc="548" msg_id="2CFF-0000" proxy_act="HTTPS-Client.Jr High Teachers" tls_profile="TLS-Client-HTTPS.Standard.1" tls_version="TLS_V12" sni="lifesbestmedicine.com" cn="lifesbestmedicine.com" cert_issuer="CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US" cert_subject="CN=lifesbestmedicine.com" action="drop" app_id="0" app_cat_id="0" sent_bytes="210" rcvd_bytes="2999" geo_dst="USA" Traffic

I'm hoping to get some guidance here before contacting support to configure it for me. Any help is greatly appreciated.

Comments

  • https://lifesbestmedicine.com/ is not a domain name, it is a URL.
    Try lifesbestmedicine.com

    The Deny log message is a summary log message caused by the "Enable logging for reports" option You can tell this by the sent_bytes= and rcvd_bytes= in the log message.

    Are there any deny log messages for this site prior to these?
    If not, you may have a drop option someplace in the proxy or HTTP proxy action with Logging not selected.

  • Thank you so much for your reply Bruce_Briggs. I entered the exception in Webblocker (instead of Content Inspection) and am now able to access the new website even though we have new websites blocked as a category. I appreciate your quick reply. Have a good day.

Sign In to comment.