+ Post New Thread
Results 1 to 3 of 3
Internet Related/Filtering/Firewall Thread, Meraki MX80 and HTTPS Issues in Technical; Evening All I've just moved to a school that has a new Meraki MX80 Firewall doing the web filtering. I'm ...
  1. #1

    Join Date
    Apr 2011
    Posts
    18
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Meraki MX80 and HTTPS Issues

    Evening All

    I've just moved to a school that has a new Meraki MX80 Firewall doing the web filtering. I'm not getting much help from the company who installed the solution and its causing us all sorts of issues with HTTPS connections I wonder if anyone has any experience with this device (I've used Smoothwall previously). For some sites (all of the google https services including google drive etc) it immediately returns you a page cannot be displayed error and whilst Youtube is supposed to be filtered you seem to be able to just avoid it completely by going to the https version.

    Before I start getting into the settings on it I'd appreciate if anyone here has any experience with this box as to what I should be looking for and what kind of things to check?

    Mucho thanks in advance if anyone can lend a hand, I want to spend some serious time with the Meraki setup at the moment but you can imagine just a few weeks into the job I have a tonne to do!

    Cheers

    Neal

  2. #2

    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    5
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0
    I don't have experience with that particular product (or Meraki's Firewall line in general) but the issue you're describing sounds like HTTPS inspection/interception isn't turned on. In my experience most firewalls/proxies don't handle this well in transparent mode so you may need to check the proxy settings that are being used on the devices to ensure they're actually configured to force proxying of connections. Two things to keep in mind if you're doing HTTPS interception:

    1) You will need a valid cert installed on the proxy/firewall that is signed by a Certificate Authority that all of your devices are configured to trust (so an internal CA that's pushed to the trust store or an external CA like Versign)

    2) Depending on the laws in the UK you are likely required to clearly notify users that their HTTPS connections are being intercepted and to exclude bank and health care sites from inspection. IANAL (or in the UK) so this is merely what I have been told in the past in regards to UK law.

  3. Thanks to AdonMalik from:

    disco_samurai (13th March 2014)

  4. #3

    Join Date
    Apr 2011
    Posts
    18
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Thanks for the advice!

    I spent the morning looking through the device expecting something complicated only to find that the project engineers had blocked all the google sites manually instead of unblocking them during the project setup as the school had requested......

    Enough said!

    Neal

SHARE:
+ Post New Thread

Similar Threads

  1. Meraki Security Appliances for Remote Teleworkers (MX80 and Z1)
    By glennda in forum Internet Related/Filtering/Firewall
    Replies: 6
    Last Post: 21st December 2012, 09:47 AM
  2. Cut and paste issues between excel and word
    By 17thcpikeman in forum Windows
    Replies: 1
    Last Post: 30th November 2007, 01:42 PM
  3. Reproduction and Copyright Issue
    By the_travisty in forum Web Development
    Replies: 2
    Last Post: 10th October 2007, 05:09 PM
  4. E-Portal and https configuration
    By daveyboy in forum MIS Systems
    Replies: 3
    Last Post: 13th September 2006, 01:04 PM
  5. Replies: 3
    Last Post: 9th September 2006, 08:13 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •