Block pages do not get shown to the client when using Advanced Threat Protection 2.3 in Blocking mode
Last Updated July 06, 2017
When the Advanced Threat Protection appliance is used in Inline Blocking mode, block pages are not shown in the browser for blocked requests. During setup, static routes were provided for inside the LAN, and the default gateway for the Inline interface was set to the WAN side, as documented on pages 60 and 17 of the Symantec Advanced Threat Protection 2.3 Administration Guide.
Connection Timeout or Page Cannot be Displayed error in the web browser
This happens when the Default Gateway for the Inline1/2 connection is on the WAN side of the ATP and the firewall does not allow egress traffic to flow back in (ingress) through the firewall. Static Routes do not apply to the LAN/WAN interfaces.
Change the Default Gateway setting for the LAN1 interface so that it is on the LAN side, instead of the WAN side as specified in the Administration Guide. This does not change how traffic that is not explicitly addressed to the Inline IP is routed through the LAN/WAN interfaces.