- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
05-30-2018 01:40 AM
Hi all,
I have a question regarding URL filtering. I set up URL filtering in Security Profiles to "Alert" for Google Tag Manager. Test and work with the browser access to "https://www.googletagmanager.com/". When I use Wireshark to capture packets, why do I see only packets ssl negotiations "clent hello", not responsed "server hello". However, browser access to "http://www.googletagmanager.com/", that is redirected to "https://www.google.com/analytics/tag-manager/", i can see that web site. In the whitelist, "www.googletagmanager.com" is allowed.
Thanks,
05-31-2018 07:10 AM
make sure you set very specific filters and enable them
disable pre-parse (this is very important)
then verify global counters via a delta to verify what amount of packets you should expect, so you can decide to capture or make your filters even more specific:
> show counter global filter delta yes packet-filter yes
05-30-2018 04:23 AM
What is your question exactly?
05-30-2018 05:41 AM
Hi @reaper,
Thank you for reply.
Allow "www.googletagmanager.com" in URL filtering whitelist. If you connect with https, you can not connect, but you can connect by connecting with http. "www.googletagmanager.com" will be redirected to "https://www.google.com/analytics/tag-manager/". We also allow "* .google.com" by URL filtering.
Why can not connect using https, but i can connect using http. When capturing packets when connecting with https, there is no server hello response to use in SSL negotiation. It is speculated that this is the reason, but it is unknown whether URL filtering is directly related.
Sorry, my English is not good.
Regards,
05-30-2018 05:57 AM
hi @fxlateengineer don't worry, your english is fine!
You just had so much information i wanted to make sure I understood the question ^_^
Do you have SSL decryption enabled?
have you seen anything beiong blocked in the logs ?
Have you tried setting up packet-diag filters on the firewall and enabled packetcaptures while tracing the global counters ?
05-31-2018 03:26 AM
Hi, @reaper
Thank you for your kindness ^_^
ssl decryption is disabled. i have seen permited in the logs. i do not want to do it because the load of the device hangs up when packet capture is carried out. I'm worried.
Regards,
05-31-2018 07:10 AM
make sure you set very specific filters and enable them
disable pre-parse (this is very important)
then verify global counters via a delta to verify what amount of packets you should expect, so you can decide to capture or make your filters even more specific:
> show counter global filter delta yes packet-filter yes
07-03-2018 09:36 PM
Hi @reaper,
Sorry for the late reply.
I tried enabled packetcaptures while tracing the global counters.
> show counter global filter delta yes packet-filter yes
The dropped packet can be found and resoleved.
thank you so much!!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!