Astaro User Bulletin Board
Go Back   Astaro User Bulletin Board > Closed Forums (read only) > ASG V7 Betas > ASG V7.400 BETA (closed)
Reload this Page [v7.360] HTTPS scanning blocks access and strips details
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Welcome to the Astaro User Bulletin Board.
If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

 
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 12-07-2008, 07:52 AM
RFCat_vk's Avatar
Wizard
  
Join Date: Aug 2005
Location: Victoria, Australia
Posts: 3,004
Default [v7.360] HTTPS scanning blocks access and strips details
Hi,
I have tried a number of times and get the same result, a page with most formatting missing.

The message below is part of the reject connection error fromt eh http log.
exceptions="" error="Transport endpoint is not connected" category="114" categoryname="Fincance/Banking"

Disable scan https and the site works correctly.

I have a funny feeling I saw a message from Andreas advising that the scan https only works in bridged mode.

Ian M
__________________
Home User licence - v8.0xx - AMD X2 5050e (45w CPU) with 4gb (idles at 37w),1 intel NIC, the onboard NIC and netgear gs108t with vlans
Home user licence - v7.507 -Intel N330 to run Astaro AP 30. Connected to internet via V8.001 ASG
Work essentials licence - v8.0xx - intel D with 1.5gb.
  #2 (permalink)  
Old 12-07-2008, 07:26 PM
Gert Hansen's Avatar
Wizard
  
Join Date: Nov 2000
Location: Karlsruhe, Germany
Posts: 1,285
Default
There is a missunderstandung.

HTTPS scanning works in all modes, BUT "Full Transparten Mode" works only in bridge mode.

regards
Gert
  #3 (permalink)  
Old 12-08-2008, 05:52 AM
svens's Avatar
Senior Member
  
Join Date: Nov 2005
Posts: 277
Default
Quote:
Originally Posted by RFCat_vk View Post
Hi,
exceptions="" error="Transport endpoint is not connected" category="114" categoryname="Fincance/Banking"

Ian M
In all cases i've seen so far the Server was closing the connection without sending a response. But without having a URL it is impossible to verify that assumption.
__________________
Sven Schnelle
Software Architect
Astaro AG
  #4 (permalink)  
Old 12-08-2008, 07:21 AM
RFCat_vk's Avatar
Wizard
  
Join Date: Aug 2005
Location: Victoria, Australia
Posts: 3,004
Default
Hi,
I will have to run the test again later because I can't find the info in the log. I have added additional info from the log.

The website is Home - CUA

2008:12:07-19:30:44 (none) httpproxy[5574]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.10.252" user="" statuscode="502" cached="0" profile="REF_rWVkdARXGe (24hr access)" filteraction="REF_HdJmRUuAhp (24hr)" size="2262" time="25115 ms" request="0xb3f706a8" url="https://webbanker.cua.com.au/webbanker/CUA?xid=P4Z378" exceptions="" error="Transport endpoint is not connected" category="114" categoryname="Fincance/Banking"
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafe10] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafe10] ssl_read (ssl.c:776) 5574:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafe10] ssl_read (ssl.c:776) 5574:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafff8] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafff8] ssl_read (ssl.c:776) 5574:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafff8] ssl_read (ssl.c:776) 5574:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafe10] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafe10] ssl_read (ssl.c:776) 5574:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafe10] ssl_read (ssl.c:776) 5574:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafff8] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafff8] ssl_read (ssl.c:776) 5574:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafff8] ssl_read (ssl.c:776) 5574:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3faf7e0] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3faf7e0] ssl_read (ssl.c:776) 5574:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3faf7e0] ssl_read (ssl.c:776) 5574:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3faf500] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3faf500] ssl_read (ssl.c:776) 5574:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3faf500] ssl_read (ssl.c:776) 5574:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:07-19:31:14 (none) httpproxy[5574]: [ (nil)] epoll_loop (epoll.c:664) reloading config
2008:12:07-19:31:15 (none) httpproxy[5574]: [ (nil)] epoll_loop (epoll.c:669) done
2008:12:07-19:31:18 (none) httpproxy[5574]: [ (nil)] epoll_loop (epoll.c:664) reloading config
2008:12:07-19:31:18 (none) httpproxy[5574]: [ (nil)] epoll_loop (epoll.c:669) done

Not sure if the above is relevant?

2008:12:07-19:23:31 (none) httpproxy[5574]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.10.252" user="" statuscode="200" cached="0" profile="REF_rWVkdARXGe (24hr access)" filteraction="REF_HdJmRUuAhp (24hr)" size="162" time="497 ms" request="0xb3fc11a8" url="http://www.microsoft.com/pki/crl/products/WinPCA.crl" exceptions="av" error="" category="175,105" categoryname="Software/Hardware,Business" content-type="text/html"
2008:12:07-19:26:08 (none) httpproxy[5574]: [0xb3fc11a8] tunnel_response (tunnel.c:310) write: Broken pipe

Regards
Ian M

being a bit picky - "Fincance/Banking"
__________________
Home User licence - v8.0xx - AMD X2 5050e (45w CPU) with 4gb (idles at 37w),1 intel NIC, the onboard NIC and netgear gs108t with vlans
Home user licence - v7.507 -Intel N330 to run Astaro AP 30. Connected to internet via V8.001 ASG
Work essentials licence - v8.0xx - intel D with 1.5gb.
  #5 (permalink)  
Old 12-08-2008, 09:07 AM
svens's Avatar
Senior Member
  
Join Date: Nov 2005
Posts: 277
Default
Quote:
2008:12:07-19:30:44 (none) httpproxy[5574]: [0xb3fafe10] ssl_read (ssl.c:776) 5574:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
Your browser complains that he doesn't know the CA the cert was generated with - do you have Astaro Proxy CA certificate imported?

Cheers,

Sven.
__________________
Sven Schnelle
Software Architect
Astaro AG
  #6 (permalink)  
Old 12-08-2008, 09:10 AM
RFCat_vk's Avatar
Wizard
  
Join Date: Aug 2005
Location: Victoria, Australia
Posts: 3,004
Default
I had, but based on what you are advising I will re do it.

Ian M
Fixed the problem.
An observation, the import works for everything but IE under vista 64.
Not that I use it very much.
__________________
Home User licence - v8.0xx - AMD X2 5050e (45w CPU) with 4gb (idles at 37w),1 intel NIC, the onboard NIC and netgear gs108t with vlans
Home user licence - v7.507 -Intel N330 to run Astaro AP 30. Connected to internet via V8.001 ASG
Work essentials licence - v8.0xx - intel D with 1.5gb.
Last edited by RFCat_vk; 12-08-2008 at 09:44 AM.
  #7 (permalink)  
Old 12-09-2008, 07:00 AM
RFCat_vk's Avatar
Wizard
  
Join Date: Aug 2005
Location: Victoria, Australia
Posts: 3,004
Default
After multiple reboots of my PC and the ASG I am back where I started with my banking site.
My work secure access worked for the first time with Vista 64 and firefox after I imported the certificate.

2008:12:09-18:58:52 (none) httpproxy[5422]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.10.252" user="" statuscode="502" cached="0" profile="REF_rWVkdARXGe (24hr access)" filteraction="REF_HdJmRUuAhp (24hr)" size="2262" time="11925 ms" request="0xb2f71dd8" url="https://webbanker.cua.com.au/webbanker/CUA?xid=CSKO9X" exceptions="" error="Transport endpoint is not connected" category="114" categoryname="Fincance/Banking"
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2fbe4d8] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2fbe4d8] ssl_read (ssl.c:776) 5422:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2fbe4d8] ssl_read (ssl.c:776) 5422:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f839f8] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f839f8] ssl_read (ssl.c:776) 5422:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f839f8] ssl_read (ssl.c:776) 5422:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2fbe4d8] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2fbe4d8] ssl_read (ssl.c:776) 5422:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2fbe4d8] ssl_read (ssl.c:776) 5422:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f839f8] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f839f8] ssl_read (ssl.c:776) 5422:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f839f8] ssl_read (ssl.c:776) 5422:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f79698] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f79698] ssl_read (ssl.c:776) 5422:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f79698] ssl_read (ssl.c:776) 5422:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f6c2b8] ssl_read (ssl.c:772) SSL_ERROR_SSL
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f6c2b8] ssl_read (ssl.c:776) 5422:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48
2008:12:09-18:58:52 (none) httpproxy[5422]: [0xb2f6c2b8] ssl_read (ssl.c:776) 5422:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:
2008:12:09-18:58:54 (none) httpproxy[5422]: [ (nil)] epoll_loop (epoll.c:664) reloading config
2008:12:09-18:58:55 (none) httpproxy[5422]: [ (nil)] epoll_loop (epoll.c:669) done

The latest error log.

Ian M
__________________
Home User licence - v8.0xx - AMD X2 5050e (45w CPU) with 4gb (idles at 37w),1 intel NIC, the onboard NIC and netgear gs108t with vlans
Home user licence - v7.507 -Intel N330 to run Astaro AP 30. Connected to internet via V8.001 ASG
Work essentials licence - v8.0xx - intel D with 1.5gb.
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT. The time now is 01:42 AM.

 
Contact Us - Astaro User Bulletin Board - Archive - Top

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.


These pages are specifically maintained for the discussion of firewall issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases. issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases.