When will the Symantec Web Gateway display a blocking pages in proxy mode.
Last Updated October 09, 2013
Sometimes a webpage that is expected to be blocked displays an error like "this page can not be displayed" instead of the expected SWG blocking page. This happens when the page is an HTTPS site.
When traffic goes through the proxy, the Web Gateway displays blocking pages as follows:
HTTP traffic will always displays a blocking page if appropriate.
HTTPS has two options with or without SSL Deep Inspection:
With Deep Inspection a blocking page will be displayed.
Without Deep Inspection no blocking page will be displayed and the Browser will display an error message.
This Behavior is Documented in the Symantec Web Gateway 5.1 Implementation guide on page 119 as follows (page 117 for version 5.0):
"Note: If you use the SSL proxy, users cannot see your custom end user page when they attempt to access a domain in which no intercept policy exists. This situation can occur if you do not have an SSL intercept policy for a certain category, but you do have a content filtering blocking policy for that category. The message that they see depends on the Web browser that they use. For example, Internet Explorer displays a forbidden error message. Firefox displays a message that the proxy server refuses the connection. This issue occurs for HTTP/HTTPS or deep inspection ports."
Imported Document ID: TECH175244
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe