Choose from several options for complete web, email and data security.
Learn more
Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Come work for the global leader in unified information security. Go
I am running Websense 7.6 in standalone mode. All services are installed on one machine. My subnet is a /23 and our IP range is 10.10.30.1-10.10.31.254. I recently found out that websense isn't blocking any computers on the .31.xxx but is blocking on the .30.xxx.
I've verified the range is correct in the manager. i've even gone as far as entering it in different ways to see if it helps (tried 10.10.30.1-10.10.31.254 ; 10.0.0.0-10.255.255.255 ; 10.10.30.1-254 and 10.10.31.1-254) but they all result the same.
I also ran the testlogserver on a computer sitting on a .31 address and I am able to see the traffic however everything is coming back as "allowed". Ran the same testing on a computer on a .30 address and traffic is blocked. Specifically I am testing youtube.com.
Any help you guys can offer would be appreciated.
If testlogserver shows the traffic as being allowed then it's an issue with how you've applied a policy to that IP range (or users). Testlogserver should have included all information about the host, so make sure the username isn't in a group/OU/domain you have a policy to, or that there's a conflicting IP based policy applied.
Thanks for the reply. Since the policy was applied to an IP I was thinking that maybe order of precedence was the issue. I thought IP would take precedence over the user but maybe I had that wrong. To be sure assigned the User directly to the same policy and ran testlogserver agiain.
time= Tue Aug 30 14:18:01 2011 version= 5server= 10.20.161.xx source= 10.20.xxURL= www.flalottery.comprotocol= 1 - http port= 80 networkDirection= Inboundmethod= contentType = category= 13 - GAMBLINGcategoryReason= 0 - CatNonedisposition= 1027 - Custom URL - Category BlockedroleId= 0user= LDAP://xxx OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx/testuserbytes sent= 538 bytes received= 199 duration= 0 ms scan duration= 0 mspolicyName=
Network direction inbound? that is interesting.
I also see that there is no policyname but the category is blocked as is expected. It was blocked in previous testlog server using ip too.
Thanks
I thought you said it was the 10.10.30.xxx range that wasn't being filtered? your example is 10.20.xxx
