WSA S370 - Wrong access Policies

Mathieu GEFFROY · ‎12-16-2013

Hello,

I have an Ironport S370, i set up some acces policies. I have a global policy which blocks youtube and all streaming web sites. I also have another access policy to allow the streaming web sites for users in a specific AD Group (GGS-FCT-DISH).

The ironport joined the Domain, my user is well authenticate and the group is retrieved from the AD but I can't access the streaming web sites as the policy matched is the global one.

Acces log when I try to access:

1387189559.148 11 10.92.19.4 TCP_DENIED/403 0 GET http://www.youtube.com/?hl=fr&gl=FR "VE\m.geffroy@ADEPS" NONE/- - BLOCK_AVC_11-Internet_AD_Agent-AD_Agent-NONE-NONE-NONE-NONE <IW_vid,5.9,1,"-",-,-,-,-,"-",-,-,-,"-",-,-,"-","-",-,-,IW_vid,-,"-","-","YouTube","Media","-","-",0.00,0,-,"-","-"> - "VE\GGS-FCT-DSIH"

All the access policies

The detailed for access policy which allow Streaming websites

The version of my Ironport WSA : 7.5.2-303

If you could help me.

Regards

Chris Illsley · ‎12-17-2013

Hi,

If you look at the block message it is blocking AVC, for your access poilcy you need to open up the Application section and allow the media you want in there.

Thanks

Chris

Mathieu GEFFROY · ‎12-17-2013

Hi Chris,

Thanks for your answer, I allowed the web site in the appplication section but there is no effect on the navigation.

Regards,

Mathieu

Chris Illsley · ‎12-17-2013

What is the block log now?

Thanks

Chris

Mathieu GEFFROY · ‎12-17-2013

Hi Chris,

I finally found my mistake, it comes from the Identity. I changed the Identity used and everything works fine.

Thanks for your reply again.

Mathieu