Have a user who is trying to access a https website that is blocked. The policy trace is showing blocked by Category. However they are not being shown the standard blocked by URL category page. Instead they get The website declined to show this website.
Would this be because we do not have the HTTPS Proxy enabled on WSA?
I've only seen it with this one site. We have just put in WSA's and are going through a testing stage. At this point its only this one site and the others I have seen are showing the standard URL category block page.
Might need to check the accesslogs from the WSA when processing those traffic to see what identity and policy it is hitting and how been handled.
If you have https proxy disabled, means the the https traffic will be processed using CONNECT tunnel method from access policy.
You need to make sure in that specific access policy you have port 443 listed as CONNECT port (access policy -> Protocols and User Agents column), otherwise it will not listen to it.
To get accesslogs from CLI:
2. Enter the number of the log you wish to grep: 1 (for access logs)
3. Enter the regular expression to grep: <client IP>
4. Do you want this search to be case insensitive?: Y
5. Do you want to search for non-matching lines? [N]> N
6. Do you want to tail the logs?: Y
7. Do you want to paginate the output?: N
Thank you Handy.
I've logged a TAC case. They are indicating it wont show a blocked page if it is https traffic and https proxy is not enabled.
Confirm ports 443 in connect method of policy.