Results 1 to 3 of 3
  1. #1
    Untangler
    Join Date
    Jan 2011
    Posts
    76

    Default Inspector blocking traffic from (supposedly) Ignored client

    Hi,

    Problem relates to untangle blocking Kindle access to the Amazon store.

    Because the Kindle is unable to install untangles root cert I have set up an Ignore rule so that traffic is not inspected by the HTTPS inspector. However, the Inspector still blocks traffic from the ignored client :

    Screenshot from 2015-11-21 12:23:12.png

    Turning OFF the HTTPS inspector solves the problem, so no other untangle modules are involved.

    Q1. Why is it blocking traffic I;ve told it to Ignore ?
    Q2. Solutiuon ?

    Thanks.

  2. #2
    Untangler
    Join Date
    Jan 2011
    Posts
    76

    Default

    OK,

    Answering my own question here...

    Under the configuration section of the Inspector is an option to 'Block Invalid Traffic', if I un-check this, then all is well...

    However, this is a global option (which is bad...), it should be an additional option in the Ignore ruleset, as I don't want to globally allow all invalid trafic, but just on the source IP I want to ignore...

    Feature request ?

  3. #3
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    I would open a support ticket.

    Your screenshot shows that there are a few ignore HTTPS sessions.

    My guess would be that there are also some non-HTTPS stuff going on port 443 that the kindle is doing.
    If its not HTTPS it has a choice to either just allow it or block it, given that it can't parse it.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2