Virtual Secure Web Gateway

 View Only

  • 1.  web gateway authentication problems

    Posted Nov 04, 2011 11:15 AM

    Hi Everyone

    I have the folowing problem and need some help


    Web gateway 5,Instaled in inline + proxy block mode.Using dc interface for authentication.Worked fine untill changing clients to use web gateway as a proxy.Internet explorer offten reports "page cannot be displayed " erorrs and problems when downloading files appear,when using chrome no problems.I gueess it is an authentication problem.Except for the group policy that forces users to use the proxy nothing else was changed.Anuy help is appretiated

    Thanks



  • 2.  RE: web gateway authentication problems

    Posted Nov 07, 2011 10:41 AM

    If a client is manually configued to use proxy mode does it work? --This will let you know if it is your policy or the SWG.

    does reporting based on username infromation from LDAP appear to work? --This will let you know if DC interface is working/passing information to the SWG.



  • 3.  RE: web gateway authentication problems

    Posted Nov 07, 2011 04:03 PM

    Hi Ben thanks for the reply

     

    if a client is manually configued to use proxy mode does it work? --This will let you know if it is your policy or the SWG.

    no matter how i configure the proxy (manualy or by policy) the problem remains,any idea why this problem doesent appear with chrome?It uses the proxy configuration from explorer

    does reporting based on username infromation from LDAP appear to work? --This will let you know if DC interface is working/passing information to the SWG.

    the reports are fine.Interesting fact is that when i have a problem opening a page the report doesent show that a page is blocked



  • 4.  RE: web gateway authentication problems

    Posted Nov 08, 2011 04:13 PM

    I don't suspect this is an authentication based issue as usernames are working for the reports. 

    Are you able to ping an external site (ex: google.com) using both the Lan and Management ports? the ping test should be available in administration -> Configuration -> Network



  • 5.  RE: web gateway authentication problems

    Posted Nov 17, 2011 10:51 AM

    Hi Ben

     

    Sorry for this late reply.I am able to ping external sites from the lan port but not from the management port but i can ping the internal dns both by name and adress.

    I suppose that the managemen tport is only used for authentication (the management port interface is set up in dcinterface).Other than that i know for sure that i receive software updates for the appliance (in this case the inline interface is responsible for updates,i can connect to symanetc threat center.......)the inline ip adress is set up in the users browsers as the proxy adress.

    Am i doing something wrong?

     

    Thanks



  • 6.  RE: web gateway authentication problems
    Best Answer

    Posted Nov 17, 2011 11:38 AM

    The management port should also have internet access.



  • 7.  RE: web gateway authentication problems

    Posted Dec 16, 2011 09:09 AM

    Hi Ben

    The problem is finally solved,The MGMT interface must have both internet access and access to the internal network