Smoothwall HTTPS

**jsnetman** · 28th September 2010, 08:45 AM

Hi All

Just setup smoothwall as an internal proxy with ISA on the edge of the network. Seems to be working but we cannot access any HTTPS sites. My users are screaming for gmail. Smoothwall support is not open, I need info quick.

**tom_newton** · 28th September 2010, 08:53 AM

Support agents are in - there should be someone on the end of a phone now

**tom_newton** · 28th September 2010, 08:54 AM

On a more diagnostic note... I presume the smoothie is set up as a regular proxy?
What's the failure mode for HTTPS?
Is ISA an upstream proxy of the smoothwall?
What's in the logs, both smoothie (info/logs/web filter) and ISA access logs?

**jsnetman** · 28th September 2010, 09:03 AM

smoothwall Log

:58:20 administrator http://mail.google.com/a/ntlp.org.uk 0 Warning OK (200)
exception Exception site match
8:58:20 administrator https://mail.google.com:443 0 Warning OK (200)
exception Exception site match
8:59:09 administrator http://mail.google.com/a/ntlp.org.uk 0 Warning OK (200)

I switched off the proxy on ISA

**jsnetman** · 28th September 2010, 09:07 AM

ISA Log, smoothwall being downstraem

Failed Connection Attempt JS_WALL 28/09/2010 09:03:56
Log type: Web Proxy (Forward)
Status: 13 The data is invalid.
Rule:
Source: Internal (172.16.64.8)
Destination: (lhr14s01-in-f83.1e100.net 173.194.36.83:443)
Request:
Filter information: Req ID: 08d8f126
Protocol:
User: anonymous

**tom_newton** · 28th September 2010, 09:14 AM

So you are using ISA as an upstream proxy?
First, one suggestion would be to not do that, and allow the smoothie direct network access through ISA's NAT.
Second - it would seem that you *might* have ISA set up incorrectly - have you tried HTTPS proxy directly through ISA?

**jsnetman** · 28th September 2010, 12:47 PM

HTTPs works directly through the ISA. Tom Holstock had a good hunt around the ISA server and did not seem to think it was misconfigured. But still no HTTPS when smothwall is enabled as the proxy and ISA straight through.

**tom_newton** · 28th September 2010, 12:54 PM

Would it be possible to let the smoothie pass straight through?
I've had a look round to see if I could find any info on "error 13" - it *could* be related to compression, but we don't turn that on...

**jsnetman** · 28th September 2010, 12:57 PM

Would it be possible to let the smoothie pass straight through?

I think Jason tried that and HTTPS works, but the way it was left is that it was not filtering anything.

**tom_newton** · 28th September 2010, 01:03 PM

I can get Jason to put it back like that if that's helpful?

We'll run this past a few proxy experts at some point soon and see if they can shed any light.

**jsnetman** · 28th September 2010, 01:13 PM

I can get Jason to put it back like that if that's helpful

No problem, I set it back to my old filtering system in the meantime Jason is going to ring and see if he can find a solution.

LinkBack

Thread Tools

Search Thread

Smoothwall HTTPS

Similar Threads

Moodle entirely over https - how to?

Smoothwall https blocking help

Smoothwall Problem - Blocking Https sites

No https:// requests can get through

https Question. . .

Thread Information

Users Browsing this Thread

Posting Permissions