This guide provides admins with a general procedure to follow in order to identify and troubleshoot common Internet Threat Protection issues. Use this doc to map symptoms to causes and apply resolutions before escalating to support.
Step 1: Identify the symptom(s)
For example, a public website or a local website may be unexpectedly inaccessible or unexpectedly accessible to end users in your org; alternatively, end users in your org may be experiencing high latency.
Step 2: Verify the environment
Check for network connectivity, verify that the applicable ITP policy configuration is accurate and current (e.g., check which domain categories, apps, specific domains, and geo-locations you've selected to block), and verify your org's licensing (i.e., ensure that you have SIA licenses).
Step 3: Collect logs and diagnostic info
Step 4: Apply relevant fixes
This may involve adjusting your ITP policy configuration to correct unexpected behaviours (e.g., adding a domain or URL to Domain & URL Bypass, adding a domain or URL to Domain & URL Blocking, or adjusting Application Filtering or Application Bypass) or adjusting your firewall rules to accept swg agent traffic.
Step 5: Escalate to support
If further assistance is required, reach out to support at support@sonicwall.com.
Symptom: A URL added to Domain & URL Blocking or Domain & URL Bypass on an ITP policy is not enforced. Domain entries on the same policy continue to work.
Root cause: URL entries are enforced only when SSL decryption is enabled on the ITP policy. If SSL decryption was turned off (or was never on), URLs on the policy are kept but not enforced. The console surfaces a red outline on the affected entries and an inline error in the relevant section.
Resolution:
If a URL still does not enforce after SSL decryption is on, confirm the URL is not also bypassed elsewhere — bypasses are processed before block rules. See How ITP rules are processed.
| Error code | Definition |
|---|---|
| 403 | server understands but denies authorization of request |
| 400 | invalid request; improper syntax or content |
| 401 | authentication required or authentication failed |
| 404 | resource doesn't exist |