Quantcast
Channel: Forcepoint Community
Viewing all 2011 articles
Browse latest View live

Filtering Service not showing up in Triton

April 14, 2016, 6:22 am
$
0
0

Hey all,

I've set up a RHEL CGW with FIltering Service (firstly installed Filtering Service, then CGW). I've downloaded both from mywebsense.com so they should be the latest version. In the end, this server should really just be a Proxy for one of our affiliates which has bad performance to the Web-Cluster of Websense.

What happens now is that only CGW is showing up in Triton under "Deployment", but not the filtering service. Therefore I can't assign the filtering service to the Filtered Location. 

As I do see the CGW there, I doubt that there is an network issue between the Policy Server (Triton) and my new CGW. Also if I enter the proxy hardcoded to my machine, I can surf through the new CGW, it's just not showing up in Triton.

What I already tried:

-Re-Install Filtering/CGW (in different order, none of them worked, so I remained with the one from the documentation)

-Restarting CGW / Triton (multiple times, both)

-Reaching out to Support.

Did anybody do the same, maybe even with success? Would be nice if you could advice me.

Thanks and BR

Michael

 

Search

BSOD on Windows 2008 R2 with Triton

April 14, 2016, 4:11 am
$
0
0

Hi all.

I have built a new server to run our Triton Web Server to replace our old one which is on Windows 2003.

The new server runs on VMware 5.1, its Windows 2008 R2, with TMG 2010 on there as well, along with Triton Websense, Web Security Build 7.8.4.1390

The machine works great, however when I deploy it to my organisation it will after a little while Blue Screen, with the following error.

Page Fault in Non Paged Area. fwpclnt.sys.

Now I have built loads of guests on VMware and this is the only one we have that gets the BSOD. The server is fully patched and I have another server virtually identical, but without the Triton software and this does NOT have the same issue.

Has anyone got any experience of such an event? I have considered deploying Windows 2012 R2 and re building but TMG does not install on that platform.

Someone must be running the same but not having my issue?

Help!!!!!

 

Websense 8.1 Web Filter & Security Database Names

April 15, 2016, 9:18 am
$
0
0

Hello,

Could someone tell me what the default catalog, partition, and threats partitions database names are in Websense 8.1 Web Filter & Security ?

Are they named the same as prior Websense Web Filter & Security versions: wslogdb70, wslogdb70_x and wslogdb70_amt_1.

 

Thank You

Frank

Content Gateway 7.8.4

May 2, 2016, 1:44 pm
$
0
0

Has anyone experienced issues after upgrading from IE10 to IE 11? Specifically problems accessing sites such as yahoo.com/google.com ?

records.config include Content Gateway entries to enable TLS1/TLS1.2 support

CONFIG proxy.config.ssl.server.TLSv11 INT 1      
CONFIG proxy.config.ssl.server.TLSv12 INT 1

CONFIG proxy.config.ssl.client.TLSv11 INT 1
CONFIG proxy.config.ssl.client.TLSv12 INT 1

 

When a user attempts to access yahoo.com in Internet Explorer 11 they immediately receive 'Page cannot be displayed'. If they go to Tools > Advance > and uncheck 'tls1.2' they can browse to the page just fine.

The question I have is: should I disable the TLSv1.2 in the records.config file?

Old: CONFIG proxy.config.ssl.client.TLSv12 INT 1

New:CONFIG proxy.config.ssl.client.TLSv12 INT 0

If I do so, will it break all IE 10 users?

 

Installation/Upgrade hanges when installing Web Security

May 24, 2016, 11:46 am
$
0
0

After a lot of troubleshooting and research, I was finally able to figure out what was wrong.  Upgrading to 8.2 kept hanging at Copy files from C:\Windows\Installer\...  It would get stuck on 2 bars, even if I let it run over night.  No errors in the Windows Event Logs, but in C:\Users\<User>\AppData\Temp there was a folder (called 2 or 3 or could be something different) that referenced out of memory errors related to Java and Heap errors.  My machine is Windows 2008 R2 with plenty of memory and disk space.  I have the current version of Java (32 and 64 bit and I tried uninstalling/installing both, but still wouldn't work).  My %JRE_HOME% pointed to the DSS JRE folder (Data Security), so I pointed it to both the Windows Java 32 and 64 bit folder, but still nothing.

Thanks to Google and a sense of adventure on my part, I did the following and it worked (not sure if all are required):

- Uninstalled 32 bit Java and only installed 64 bit

- Made sure the %JRE_HOME% Environmental Variable pointed to the C:\Program Files\ java folder (full back which includes version number, but not BIN folder)

- Added _JAVA_OPTIONS Environmental Variable in Windows (Machine variable) with the value of -Xmx512M (you may want to try 256 if you only have 4GB of memory)

- Also followed the instructions on this page to add the parameter within Java itself (http://www.wikihow.com/Increase-Java-Memory-in-Windows-7) - In Control Panel > Java > Java tab > add -Xmx512M in the Runtime Parameter field

I don't know for sure, but this may need to be adjusted every time Java is updated (will know the next time a new Java version is released)

I hope this helps others.

Proxy login box when using an application from desktop

May 31, 2016, 10:43 am
$
0
0

We are using the web content gateway version 8.1.  We have an application that our users run from there desktop that accesses the Internet and executes the application.  However, every time our users run this application they are prompted for proxy authentication.  We put the host address of the application in the allow tunneling of the ssl decryption bypass on the proxy but the users continue to get prompted to authenticate to the proxy before it allows them to use the application.  Can anyone point me in the right direction to help me stop this authentication process through the proxy?  It's an annoyance for my users to have to sign into the proxy again.  Let me know.  Thank you.

New deployment- investigative reports empty/TLogServer empty

June 1, 2016, 7:43 pm
$
0
0

Hi,

I recently had a new deployment done for a customer and a week later the investigative reports showing

If you have just installed reporting tools, the setup program may be preparing your database right now. Please wait 30 minutes and try again. 

it was working but now the above message shows. I did logserver -c and windows says the process crashed. I  re-installed the logserver but still same error.

i ran testlogserver but there are no hits showing, rtm shows fine and filtering works fine but testlogserver showing just accepting connections and no hits as its usually showing.

Any ideas?

thanks!

Website displaying incorrectly on Edge

March 29, 2016, 9:28 am
$
0
0

Hi,

 

Has anyone faced any issues with some websites displaying properly on Microsoft Edge browser? 

Customer has v8.1 with all HF's installed but when opening emirates.com only text is displayed but not images. The customer has an older version, v7.6 of WSG running and that has no issues.

The only difference between old and new web deployments is https inspection.

On the v.8.1 firefox works fine but IE sometimes does not work and edge never displays the page properly.

I have run a testlogserver to see if any image sites within the main url are blocked but all urls are allowed as shown in the tslogserver output.

Any1 have any ideas or faced such issues? 

Thanks!

Search

Meaning of Action taken

April 13, 2016, 3:25 am
$
0
0

Hi All,

 

Please let me know actually what happened in below mentioned two scenarios

Scenario 1: Action in the report is "Confirmed", direction "unknown", Category is "Malicious Websites" and action configured is "Block Access".

Is the malicious website got accessed by the user or it got blocked?

Scenario 2:

Action in the report is "Blocked", direction "Outbound", Category is "Malicious Websites", URL is "differentia.ru", policy is "Test", action configured is "Block Access".
Action in the report is "Authentication Required", direction "unknown", Category is "Malicious Websites", URL is "differentia.ru", policy is "Test", action configured is "Block Access".

Is the malicious website got accessed by the user or it got blocked?

Filtering Service not showing up in Triton

April 14, 2016, 6:22 am
$
0
0

Hey all,

I've set up a RHEL CGW with FIltering Service (firstly installed Filtering Service, then CGW). I've downloaded both from mywebsense.com so they should be the latest version. In the end, this server should really just be a Proxy for one of our affiliates which has bad performance to the Web-Cluster of Websense.

What happens now is that only CGW is showing up in Triton under "Deployment", but not the filtering service. Therefore I can't assign the filtering service to the Filtered Location. 

As I do see the CGW there, I doubt that there is an network issue between the Policy Server (Triton) and my new CGW. Also if I enter the proxy hardcoded to my machine, I can surf through the new CGW, it's just not showing up in Triton.

What I already tried:

-Re-Install Filtering/CGW (in different order, none of them worked, so I remained with the one from the documentation)

-Restarting CGW / Triton (multiple times, both)

-Reaching out to Support.

Did anybody do the same, maybe even with success? Would be nice if you could advice me.

Thanks and BR

Michael

 

BSOD on Windows 2008 R2 with Triton

April 14, 2016, 4:11 am
$
0
0

Hi all.

I have built a new server to run our Triton Web Server to replace our old one which is on Windows 2003.

The new server runs on VMware 5.1, its Windows 2008 R2, with TMG 2010 on there as well, along with Triton Websense, Web Security Build 7.8.4.1390

The machine works great, however when I deploy it to my organisation it will after a little while Blue Screen, with the following error.

Page Fault in Non Paged Area. fwpclnt.sys.

Now I have built loads of guests on VMware and this is the only one we have that gets the BSOD. The server is fully patched and I have another server virtually identical, but without the Triton software and this does NOT have the same issue.

Has anyone got any experience of such an event? I have considered deploying Windows 2012 R2 and re building but TMG does not install on that platform.

Someone must be running the same but not having my issue?

Help!!!!!

 

Websense 8.1 Web Filter & Security Database Names

April 15, 2016, 9:18 am
$
0
0

Hello,

Could someone tell me what the default catalog, partition, and threats partitions database names are in Websense 8.1 Web Filter & Security ?

Are they named the same as prior Websense Web Filter & Security versions: wslogdb70, wslogdb70_x and wslogdb70_amt_1.

 

Thank You

Frank

Euro 2016 - Block

June 6, 2016, 5:44 am
$
0
0

Using v5000 Appliance web security gateway 7.8.4

I have been tasked to block any streaming media sites streaming Euro 2016 games.

We currently block some aspect of streaming media but not all.

Is there a way i can block all Streaming media sites hosting Euro 2016, perhaps using a reg x or certain word search?

 

postgres.exe is not shutting down properly and this requires a reboot for the Policy Database and Settings Database to start

June 15, 2016, 6:20 am
$
0
0

Hello,

 

I have a customer that is on version v8.0.1 and the postgres.exe is not shutting down properly when you stop the Websense Triton Settings Database or the Policy Database.  We are able to shut down the services, but they do not start back up without a reboot.  When attempting to start the Triton Settings Database, we see the following error in the Event Viewer.

FATAL: lock file "postmaster.pid" already exists 
HINT: Is another postmaster (PID 4032) running in data directory "D:/Program Files (x86)/Websense/EIP Infra/pgsql/data"? 


pg_ctl: this data directory appears to be running a pre-existing postmaster 


Timed out waiting for server startup 

When I open the task manager, I can see that a postgres process for the Triton Settings Database is still running with the following command:

 

"D:/Program Files(x86)/Websense/EIP Infra/pgsql/bin/postgres.exe" -D "D:/Program Files(x86)/Websense/EIP Infra/pgsql/data" -c escape_string_warning=off -c standard_conforming_strings=off -p 19432 

Once I kill this process, the service Triton Settings Database is able to start, along with the other Triton services.  Even though the services are running, we are not able to get to the Triton login page.  When looking at the processes in Task Manager, I see a postgres.exe for EIP is still running with this command:

 

"D:/Program Files(x86)/Websense/EIP Infra/pgsql/bin/postgres.exe" --forkbackend "4736" 

 

I am not able to kill the command with the End Task button.  The process continues to run even though all the Triton services are off.  Are there any logs we can take a lot at to troubleshoot this issue?  I am not sure what is causing the postgres.exe to continue running after the services are shut off.

 

Regards,

Trinidad

 

AD groups getting Default policy

June 20, 2016, 9:10 am
$
0
0

The Default policy applies, because no other applicable policy includes a category filter for the current time.

This client is associated with role: Super Administrator.

The request was categorized by: Master database.

Search

Web based MS OneDrive content not loading. message 'something went wrong'

July 1, 2016, 6:06 am
$
0
0

This was working but recently the content of the frame  doesn't load and the message is 'something went wrong'.

Looking at the SSL incidents there are many MS 'Live' sites that have the error message: 

<b><i>VERIFY DENY: depth=0</i></b>, Client Certificate requested: "s2s-api.onedrive.com"

I don't have a client cert for these services so don't see why they would be requesting one.

I don't want to tunnel all (or any) of these sites as I want to carry on scanning the contents for threats.

 

Note: setting the client IP to tunnel does allow the site to work.

has anyone else had this issue recently?


 

Unable to install on Win10 Pro (8.1 or 8.2) any tips?

July 1, 2016, 7:29 am
$
0
0

i'm trying to do an individual install of on a Surface with Win 10 Pro

 

Error I keep getting is "Cannot find install fail of Websense Endpoint.  Installation will Exit"

or

"Cannot find install fail of Forcepoint Endpoint. Installation will exit."

 

Command line is: setup.exe /V "WSCONTEXT="   (and after the = is my wscontext info")

 

 

Problem to send Encrypted emails

July 4, 2016, 8:32 am
$
0
0

Hi,

i am having troubles to send email encrypted.

Error:

ERROR: 0 Incomplete SMTP session (cause: remote host disconnected

can someone help me with this ?

Websense Chrome Extension

January 27, 2016, 11:47 pm
$
0
0

Hi

Is anyone else having issue with the chrome extension making chrome extremely slow.

Keep getting messages "Waiting for extension Websense Endpoint"

We are running latest EP version on v8.1

Database not being populated

July 7, 2016, 11:01 am
$
0
0

New install of AP-WEB 8.2 with packaged SQL Server Express.  During the install, the databases were put on the C: drive.  Post install, they were moved to the data drive they needed to be on, but now the database is not being populated with new data.  The Investigative Reports are not able to display any new information due to this.  Databases were moved by detaching them from SQL, copied them to the new location, and then reattached them in SQL.  The "Partition Management" settings for the Log Database are pointing to the correct location and all "Test Connection" under the Log Server settings are successful.  The Cache\BCP folder is just filing up with tmp files. We have tried going back through the setup for the Log Server, restarting all services (numerous times), switched to ODBC and back, and a few other things.  Anyone have a suggestion?

Viewing all 2011 articles
Browse latest View live
Search