Outlook 2010 Clip Art Thumbnails not Displaying
cancel
Showing results for 
Search instead for 
Did you mean: 

Outlook 2010 Clip Art Thumbnails not Displaying

L1 Bithead

We just switched to PAN DB and are using the PAN to do SSL decryption.  The policy i am using also does not have safe search enforcement enabled.

 

What i have tried is, do a packet capture and found the exact uri, exempted that uri from decryption and allowed it on the policy.  Added addition domains and urls found on google searches to the same exemption.  Clip art contiunes to come back with the thumbnails exed out.  We have users on Office 2013 and thier clip art thumbnails work fine, as it looks like that version just does a bing image search.

 

Anyone seen the issue and have possible work arounds that i did not try?

8 REPLIES 8

L7 Applicator

Hi John

 

I'm not 100% clear on what you've set up but allow me to try and get you sorted

 

one important thing to consider when ssl is used, it that the URI in the http GET may differ significantly from the certificate's CN. Once ssl decryption is disabled, the http get will be invisible to the firewall so we can only base our actions on the CN or SNI.

if you filter out the IP of one of your hosts and try to load the clipart, can you differentiate which sessions are being blocked or which url lookups are denied (traffic log and url log). it may help in figuring out which url exactly is being blocked

 

If this isn't helpful, would you mind adding a few screenshots so we can see what you're seeing ?

 

thanks!

Tom

Tom Piens
Like my answer? check out my book! https://bit.ly/MasteringPAN

In my PCAPs the URI isnt HTTPS its HTTP, I first i thought it was the SSL decrytption that was causing the issue so i wrote an exception.  But looks like that isnt necessary, but for some reason its still broken.  It works fine for the same user off of our network and not going through our PAN. 

 

 pcap.JPG

log.JPG

 

 

 

 

From your screenshot, the URI matches the globalWhitelist category and the action=alert, so the request was not blocked.  Just curious, what if you do not have any SSL decrypt policy applied to you, does it work?

When i am not going through the PAN clip art works perfectly fine, get back on the network and its broken again

What if you go thru the PA but disablle SSL decryption on your traffic.  I want to know if SSL decryption is affecting the Clip Art access.  Thanks.

I had the same problem, and I determined that it has to do with the fact that Microsoft moved all the clipart to bing.com and now when Office goes to read the PA is enforcing safe search and can not read it. Do you enforce safe search?

-Brad

We do not enforce safe search on any of our policies.  I saw this as a solution on Google but since i didnt have that enabled i was at a loss

I have the same problem and I thought it was safe search enforcement, but it sounds like maybe I was going down the wrong path.

-Brad
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!