RE: Pix 6.3(3) / Websense 5.1 - flaky?

From: Kenneth Wygand (KWygand@customonline.com)
Date: Sat Apr 17 2004 - 13:03:12 GMT-3

Serkan,
 
I actually tried those as per Websense but it didn't work... Also, I get the "page cannot be displayed" for every single HTTPS site, including https://www.hotmail.com (the home page, so I don't think this URL should translate one longer than 1000 bytes), and sites like https://www.aol.com and https://www.paypal.com.
 
I've actually just found the following from Cisco's documentation CD:
 
<SNIP>

Filtering HTTPS and FTP Sites

PIX Firewall Version 6.3 introduces support for filtering of HTTPS and FTP sites for Websense filtering servers.

HTTPS filtering works by preventing the completion of SSL connection negotiation if the site is not allowed. The browser displays an error message such as "The Page or the content cannot be displayed."

Because HTTPS content is encrypted, PIX Firewall sends the URL lookup without directory and filename information.

</SNIP>

This to me indicates that what I am seeing ("page cannot be displayed") is actually correct? Can anyone confirm?

Thanks!

Ken

        -----Original Message-----
        From: sustundag@secura.com.tr [mailto:sustundag@secura.com.tr]
        Sent: Sat 4/17/2004 6:28 AM
        To: Kenneth Wygand; ccielab@groupstudy.com
        Cc:
        Subject: RE: Pix 6.3(3) / Websense 5.1 - flaky?
        
        

        I hade similar issue but it was related long urls (especially in https sites..) Especially in mail.yahoo.comand www.hotmail.com sites
        
        I suggest to read this article This solved my problem
        I have been getting same "page cannot be displayed" message
        
        http://www.websense.com/support/knowledgebase/Display.php?faq=766&plat=all&key=pix%20https&lang=English
        
        
        
        Serkan Ustundag
        
        Network and Security Engineer
        CCNP,CCDP,CCSE
        CCSP (Cisco Certified Security Professional)
        Cisco Network Management Specialist
        
        sustundag@secura.com.tr
        
        Secura bir TEPUM grup sirketidir
        
        -----Original Message-----
        From: Kenneth Wygand [mailto:KWygand@customonline.com]
        Sent: Saturday, April 17, 2004 12:04 AM
        To: ccielab@groupstudy.com
        Subject: Pix 6.3(3) / Websense 5.1 - flaky?
        
        I'm running a test environment where I'm trying to get the Pix to forward all web (http and https) traffic to a Websense 5.1 box. All blocked traffic (http) comes back with the typical websense "blocked" page, but all https traffic (allowed or not) comes back with the "page cannot be displayed". I've tried configuring the pix with both the "filter url https 0 0 0 0" and "filter https 443 0 0 0 0" command to no avail. Has anyone seen this before? Any fix? BTW, I'm running Pix version 6.3(3).
        
        Thanks!
        Ken
        
        _______________________________________________________________________
        Please help support GroupStudy by purchasing your study materials from:
        http://shop.groupstudy.com
        
        Subscription information may be found at:
        http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:49 GMT-3