Register Now

Login

Lost Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

Website Is Not Loading With HTTPS Decryption Enabled

Here in this article we will troubleshoot the issue when website is not accessible due to HTTPS decryption enabled in sophos XG firewall.

First let us understand the issue in detail, consider one LAN machine in the internal network trying to access “outlook.com” and the web page is not loading. Identify the concerned firewall rule and check if HTTPS decryption is enabled in the firewall rule as shown below.

firewall rule
HTTPS decryption

If HTTPS decryption is enabled, XG firewall will intercept the traffic when accessing the website. Some website vendors will treat this process as MAN IN THE MIDDLE ATTACK, so the webpage will not load. It is normal behavior. In order to prevent make website accessible through firewall, we need to create web exception for this website and exclude HTTPS Decryption for that website.

Resolution:

Click on the WEB menu and then click on web exceptions tab as shown in below image

web exception
Web exception

Let’s say for example we were unable to access “firewallgeeks.com” website if https decryption is enabled. Now click on “Add exception“.

Fill the following details as per your requirement.

Name: Enter any name for web exception.

URL Pattern Matches: Under URL pattern matches section, enter “firewallgeeks.com” URL.

Skip Selected Checks: Under skip selected checks section, enable the HTTPS decryption exception, so that firewall will not decrypt traffic when accessing firewallgeeks.com website.

Here is the sample image as shown below

web exception for https decryption
Exception

Now you have created web exception, firewallgeeks.com website will be accessed now.

Hope this article helps you.