Block pages do not get shown to the client when using Advanced Threat Protection 2.3 in Blocking mode

Article ID: 169750

Products

Advanced Threat Protection Platform

Issue/Introduction

When the Advanced Threat Protection appliance is used in Inline Blocking mode, blocking pages are not shown in the browser for blocked requests. During setup, static routes were provided for the inside of the LAN, and the default gateway for the Inline interface was set to the WAN side, as documented on pages 60 and 17 of the Symantec Advanced Threat Protection 2.3 Administration Guide.

The web browser shows a Connection Timeout or Page Cannot be Displayed error.

Cause

This happens when the Default Gateway for the Inline1/2 connection is on the WAN side of the ATP and the firewall does not allow that egress traffic to flow back in as ingress traffic. Static routes do not apply to the LAN/WAN interfaces.

Resolution

Change the Default Gateway setting for the LAN1 interface so that it is on the LAN side, instead of the WAN side as specified in the Administration Guide. This does not change how traffic that is not explicitly addressed to the Inline IP is routed through the LAN/WAN interfaces.