Solved

x700 core blocking sites it shouldn't be

Posted on 2009-07-09
4
526 Views
Last Modified: 2013-11-16
I have a watchguard x700 that is constantly blocking sites (IPs) that should be allowed through due to a policy.  We use OWA and we have a policy setup to allow any HTTPS traffic through to certain IP addresses...one of them being the Exchange server.  Lately the x700 has just been block happy and blocking just about everything.  Once I reboot the x700 it clears our the blocked sites list and users are able to connect for a short time. Then few hours later, sometimes days, their IP will be added to the blocked sites list again and they cannot connect.  Anyone run into this before and if so can you help...its extremely annoying.
0
Comment
Question by:Fveng
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 24820204
You must have enabled Auto-block features in policy or at the global level.

In Policy Manager, go to Setup->Default Threat Protection->Default Packet Handling; under unhandled packets, ensure Auto-block source of packets not handled is not checked.

Also, edit the HTTP policy, go to Properties tab; ensure that Auto block sites that attempt to connect is not checked.

Thank you.
0
 

Author Comment

by:Fveng
ID: 24822815
Thanks for the tip.  Auto-block source was checked.  I unchecked it and I'll monitor the blocked sites list to see if that took care of the problem.  Auto block under HTTP or HTTPS wasn't checked so I'm thinking we should be good.
Thanks for your help, I'll accept as solution after testing.
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 24825412
Sure, please update once tested! :)

Thank you.
0
 

Author Comment

by:Fveng
ID: 24879314
That seemed to resolve the issue.  I haven't had any complaints yet and the blocked sites list is a lot smaller than it was before.
Thanks!
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question