Web Gateway "blocked due to unauthorized access" NTLM authentication
we use NTLM Authentication in Web Gateway version 7.8.2 and we have a lot of "blocked due to unauthorized access" in logs file, but rule criteria access allow and user can serfer in internet . These "blocked ue to unauthorized access" wery often repid. How we can minimization out "unauthorized access"?
Re: Web Gateway "blocked due to unauthorized access" NTLM authentication
I do not know if this is still valid but let me answer this 😊
This is completely depending on the user requests and whether they are successfully authenticated or not and if they are authorized or blocked in a rule. Normally, you perform authentication and if authenticated, you check with usergroups if a user is allowed to browse internet for example. If not, he would be blocked because of being "unauthorized" which is a normal block page. It sounds more like being blocked after successful authentication rather than authentication fails.
To troubleshoot this issue, I would suggest to open a SR and attach feedback file and rule trace (if you can reproduce this block). With feedback file (policy), support can check if your rule set is properly configured etc. Please do not upload the data here in community since it contains sensitive information. Without having seen any debug data I can just say what I said above.
Regards, Marcel Kutrieba Technical Support Engineer
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.