cancel
Showing results for 
Search instead for 
Did you mean: 

Mcafee Web Gateway cannot access web hotmail

Hi guys,

We can't access web hotmail and I don't know that what happen ? The rule policy not block. Please see capture screen detail below.

Captfffure.JPG

Regards,

Sarm

13 Replies
mekafir
Level 7
Report Inappropriate Content
Message 2 of 14

Re: Mcafee Web Gateway cannot access web hotmail

Yes, same thing to me here today.

The SSL handshake could not be performed.

Host: login.live.com
Reason: error:00000000:lib(0):func(0):reason(0)

But when I bypassed the proxy, everything is working as normal.

asabban2
Level 17
Report Inappropriate Content
Message 3 of 14

Re: Mcafee Web Gateway cannot access web hotmail

Hello,

I can replicate the problem. This is a known problem with some SSL sites which should be solved in the near future. For the meantime there is a workaround described here:

It describes how to apply a workaround for several web sites which are added to a list. If you add the rule described and add "login.live.com" to the associated list access will work.

Best,

Andre

Highlighted
McAfee Employee jscholte
McAfee Employee
Report Inappropriate Content
Message 4 of 14

Re: Mcafee Web Gateway cannot access web hotmail

Also described in the POODLE guide! There is a subtle difference with the ciphers in Andre's link though.

Best Regards,

Jon

mekafir
Level 7
Report Inappropriate Content
Message 5 of 14

Re: Mcafee Web Gateway cannot access web hotmail

Hm.. so in this case I'm confused.

by creating the workaround above, it means that the security policy for the clients in our domain is lowered down as the workaround until Microsoft or Hotmail change their settings?

So when should I remove this exception / work around ?

McAfee Employee jscholte
McAfee Employee
Report Inappropriate Content
Message 6 of 14

Re: Mcafee Web Gateway cannot access web hotmail

Hi Meka,

If you follow the POODLE guide, it's not a workaround it's the overall fix so there is no need to maintain or remove anything.

Best Regards,

Jon

mekafir
Level 7
Report Inappropriate Content
Message 7 of 14

Re: Mcafee Web Gateway cannot access web hotmail

Thanks, Jon.

I'm following the guide   up to the point of

"If URL.Host is in list "TLS 1.0 Fallback Hosts" Then Stop Rule Set and use our "Certificate Verification with TLS 1.0 Fallback" setting for SSL Scanner""

but somehow I cannot find the AND button to click to select the SSL scanner setting?

see below screenshot:

RuleSet.jpg

McAfee Employee jscholte
McAfee Employee
Report Inappropriate Content
Message 8 of 14

Re: Mcafee Web Gateway cannot access web hotmail

You should be looking at the rule criteria not the action.

For simplicity sake, please follow the POODLE guide ().

The guide Andre mentioned has you create a list that you must maintain, the POODLE guide updates the default rules to use the suggested settings.

Best Regards,

Jon

mekafir
Level 7
Report Inappropriate Content
Message 9 of 14

Re: Mcafee Web Gateway cannot access web hotmail

yes Thank you , all of the Microsoft Passport sites are all working with your method 🙂

  • login.live.com
  • loginnet.passport.com
  • msnia.login.live.com
  • pst.microsoftpassportsupport.net
  • api.login.live.com
  • tools.login.live.com
  • xml.login.live.com
  • nexus.passport.com
  • login.passport.com
  • msnialogin.passport.com

So I guess in this case I will now have to maintain the list of SSL 3.0 site exceptions which may be required by the users.

asabban2
Level 17
Report Inappropriate Content
Message 10 of 14

Re: Mcafee Web Gateway cannot access web hotmail

Hello,

I wasn't aware of the POODLE guide, you definitely want to go for it.

My version is - as stated - a workaround only for specific sites. I was assuming this behaviour is caused by a problem which will be fixed in a later MWG version, in such situations you may want to go for a temporary workaround 🙂

Best,

Andre

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community