cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 7

Different results for sam site when using http & https

Jump to solution

So we are trying to get MWG7 setup so we can migrate from MWG6.  So far it's been quite a challenge.  While MWG7 is far more powerful, it's also way to comlicated.

Anyhow, our current delema is that when we go to a site, such as www.bing.com, www.google.com, etc, we get different results if we go http vs https.  We are using the defualt ruleset with NTLM auth and are mapping users to different URL filtering rulesets based on AD groups using the web mapping method outlined by Jon Scholten here - https://community.mcafee.com/docs/DOC-2210.  http seems to work fine and  follow the ruleset correctly.  https on the other hand seems to hit the default url filtering ruleset and not mappping.

Has anyone experienced this?  Is there a way to trace a user from start to finish through the ruleset?  Is there a ruleset tester built into the gui somewhere?

1 Solution

Accepted Solutions
Former Member
Not applicable
Report Inappropriate Content
Message 4 of 7

Re: Different results for sam site when using http & https

Jump to solution

See the screenshot below. I'm guessing that you werent getting filtered correctly for the CONNECT request because of the criteria on the ruleset. The "Command.Name does not equal CONNECT" criteria needs to be moved to the redirect rule, this way authentication will be evaluated for CONNECT requests.

old_new_authservercriteria.jpg

This has been discussed in this thread (https://community.mcafee.com/message/199460).

~Jon

View solution in original post

6 Replies
Former Member
Not applicable
Report Inappropriate Content
Message 2 of 7

Re: Different results for sam site when using http & https

Jump to solution

Are you using the authentication server for auth? If not, what are you using to authenticate?

~Jon

Former Member
Not applicable
Report Inappropriate Content
Message 3 of 7

Re: Different results for sam site when using http & https

Jump to solution

Yes we are.

Capture.JPG

Former Member
Not applicable
Report Inappropriate Content
Message 4 of 7

Re: Different results for sam site when using http & https

Jump to solution

See the screenshot below. I'm guessing that you werent getting filtered correctly for the CONNECT request because of the criteria on the ruleset. The "Command.Name does not equal CONNECT" criteria needs to be moved to the redirect rule, this way authentication will be evaluated for CONNECT requests.

old_new_authservercriteria.jpg

This has been discussed in this thread (https://community.mcafee.com/message/199460).

~Jon

Former Member
Not applicable
Report Inappropriate Content
Message 5 of 7

Re: Different results for sam site when using http & https

Jump to solution

Jon - thank you the link.  I had actually read that thread and the way I read it, you needed the "Command.Nmae does not equal CONNECT" in the ruleset .  I will remove it and try again.  I guess I figured since we started with a clean 7.1.5 build, the default ruleset would work out of the box with http and https when using NTLM auth.  If this does fix the issue I will get to move on to trying to get WCCP to work next with the same ruleset.

Feature Request: Add a "Ruleset Builder Wizard" that would do most of this for you

Former Member
Not applicable
Report Inappropriate Content
Message 6 of 7

Re: Different results for sam site when using http & https

Jump to solution

In the year 3000.... there will be a rule set builder!

JK, not that far out, but there are good things in the pipeline. In this case form comes after functionality, meaning all the functionality you want is there, but forming it may take a little bit of initial effort. But after that you're golden!

As far as the ruleset change, I have requested that be changed in future versions, so let us know if this does the trick for you!

~Jon

Re: Different results for sam site when using http & https

Jump to solution

Hello!

I am about another question. I saw you used expression «Criteria: Command.Name does not equal “CONNECT”. I am a new user of MWG. Please, say - What does it mean - «Criteria: Command.Name does not equal “CONNECT” in rule set?

Before this rule MWG has SSL inspection. I thought after SSL inspection the status of web-page must be "CONNECT". How doest it can be not “CONNECT"?

 

Thank you very much,

Valentina.

 

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community