Hi folks,
I observe a very slow response from MWG setting HTTPS connections to use.fontawesome.com. I guess the point is with the long SSL cipher variants to choose from.
Can you propose a tested Server cipher list for the MWG SSL Scanner?
Hello,
This is hard to say without seeing debug data etc.
In general, we do not "recommend" using any specific ciphers in SSL settings anymore. MWG has not had ciphers configured (the cipher list is just empty) for many versions, which means that the ciphers provided by the browser will be taken.
Of course, the customer can configure a cipher list as required/wished depending on the environment.
If you think that the slowness is caused by the cipher list, then you could run a test with a duplicate/test setting which has the same ciphers configured, where you assign only your client IP for testing purposes. Then reproduce the slowness issue, after that remove all ciphers, test again and check whether the issue is resolved or not.
In general, slowness could occur on many ends (client/server connection, DNS, Authentication, ...). So maybe a Service Request with debug data (Feedback file, tcpdump, connection trace and rule trace) is needed to check this from all perspectives.
Let us know if you have further questions.
Hi Marcel.
Thank you for the comment. Nice to know that an empty cipher suite list will use the method proposed by the client browser. It is new for me. Our current setting was defined by security and was preserved during several upgrades.
Nevertheless, an empty cipher list did not solve the slowness to this specific site. I will try to debug this deeper and give feedback.
Have a nice day.
No problem. I attach a screenshot showing an SSL setting from a freshly installed 8.2.X version.
Here you can see that the Server Cipher list is empty and only the alternative server cipher list is filled.
If you want, you can also import the "HTTPS Scanning" rule set from the library, but take care when doing so. It will indicate that some settings already exist, and you get the option to use the existing ones or create duplicates of them with new names.
Make sure that you do not mix up anything or overwrite productive settings. You can also use a test installation to perform the tests, adjust the policy and, if all is verified, take a backup of the test machine and restore the policy in the productive system afterwards. In this case, always take a backup of the productive system! 😊
Let us know if you have further questions.
Okay, this most likely means that either the DNS host was not resolvable or, more commonly, that the external connection was timing out; MWG then closes the connection and shows a block page with a 502 error to the client to tell it that it could not connect to the destination in time.
More details here in the best practices article:
https://community.mcafee.com/t5/Documents/Web-Gateway-Understanding-HTTP-502-s/ta-p/554073