When using the Symantec Web Gateway 5.x in Span/Tap mode the Web Gateway is failing to consistently block sites, even though on the Custom Reports page shows that the Web Gateway is reporting the page in question was Blocked.
This is a known potential issue when the Web Gateway is configured in Span/Tap mode, due to how blocking works in this mode. Since the appliance is not in inline mode, when the Symantec Web Gateway sends the block page out to the client, it has to reach the client before the client's request is serviced and they receive the site they requested. If the block page does not reach the client soon enough, this issue will occur where the client receives the requested site rather than the block page. Some potential causes for this issue could be if the Symantec Web Gateway is overloaded or if there are network problems causing a delay in the block page from the Web Gateway.
One possible solution is to enable the LAN port on the Symantec Web Gateway, assuming it is currently disabled. With the LAN port enabled block pages from the Web Gateway will be sent from the LAN port instead of the management port. For further help trying to troubleshoot this issue please contact Support.
Symantec Web Gateway 5.x
Imported Document ID: TECH163340
Subscribing will provide email updates when this Article is updated. Login is required.