Showing results for 
Search instead for 
Did you mean: 

No blocked by category page showing when user accesses https site

Hi All,


Have a user who is trying to access a https website that is blocked. The policy trace is showing blocked by Category. However they are not being shown the standard blocked by URL category page. Instead they get The website declined to show this website. 


Would this be because we do not have the HTTPS Proxy enabled on WSA? 



Mohammed al Baqari
VIP Advisor

Nope. Is this a problem for all https websites or only this.

I've only seen it with this one site. We have just put in WSA's and are going through a testing stage. At this point its only this one site and the others I have seen are showing the standard URL category block page.



Does anyone have any suggestions for this?


If user goes to they get the URL blocked by category page.


If they go to they get page can't be displayed.


We are not doing any SSL inspection. HTTPS proxy is not enabled.





Might need to check the accesslogs from the WSA when processing those traffic to see what identity and policy it is hitting and how been handled.


If you have https proxy disabled, means the the https traffic will be processed using CONNECT tunnel method from access policy.

You need to make sure in that specific access policy you have port 443 listed as CONNECT port (access policy -> Protocols and User Agents column), otherwise it will not listen to it.


To get accesslogs from CLI:

1. Grep
2. Enter the number of the log you wish to grep: 1 (for access logs)
3. Enter the regular expression to grep: <client IP>
4. Do you want this search to be case insensitive?: Y
5. Do you want to search for non-matching lines? [N]> N
6. Do you want to tail the logs?: Y
7. Do you want to paginate the output?: N

Best Regards

Handy Putra

Thank you Handy.

I've logged a TAC case. They are indicating it wont show a blocked page if it is https traffic and https proxy is not enabled.

Confirm ports 443 in connect method of policy.


Thank you

Content for Community-Ad

This widget could not be displayed.