Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Web Security Frequently Asked Questions : What do I do when the wrong policy is being applied to requests?
What do I do when the wrong policy is being applied to requests?
Topic 50513 | Web Security FAQ | Websense Web Security Solutions | Updated 07-Feb-2014
When a user's requests are not managed by the expected policy, and you have confirmed that the user is being identified correctly, use these steps to help identify and resolve the problem.
1.
a.
In the Web Security manager, go to the Status > Alerts page and make sure no subscription-related alerts appear in the Health Alert Summary.
b.
Navigate to the Settings > General > Account page and verify that your subscription key appears, the expiration date has not passed, and the number of subscribed network users is greater than 0.
2.
a.
Check for alerts on the Status > Alerts page.
b.
If no alerts appear, click Database Download in the toolbar at the top of the dashboard, and make sure all Filtering Service instances show a successful last download, and that all downloads happened within the last 2 weeks (14 days).
If there are any messages, or if the database is outdated, click Update to initiate a manual update.
3.
*
Look for Filtering Service alerts on the Status > Alerts page. Click the Solutions link next to any alert for troubleshooting steps.
*
*
Check the websense.log file in the Websense bin directory (C:\Program Files (x86)\Websense\Web Security\bin or /opt/Websense/bin/, by default) for EIMServer (Filtering Service) errors.
4.
*
*
5.
Run the WebsensePing utility to see what happens when a user requests a site. Refer to URL categories and filtering status for instructions.
6.
7.
To update the cache, log on to the Web Security manager and navigate to the Settings > General > Directory Services page, then click Clear Cache.
8.
a.
On the client machine, open a Command Prompt and ping the Filtering Service machine.
b.
netstat -an |find "15871"
c.
From the client, open a telnet session to the Filtering Service machine on port 15871.
telnet <ip_address> 15871
If telnet fails, ensure there are no local firewalls or devices between the client and Filtering Service that are blocking the port.
9.
http://<Filtering_Service_IP_address>:15871/cgi-bin/blockpage.cgi?
*
If you see an Invalid Request message, Filtering Service is active and listening. This means that the client can reach Filtering Service but there may be DNS issues.
*
If you see a Page Cannot be Displayed message, there are connectivity issues between the machines.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Web Security Frequently Asked Questions : What do I do when the wrong policy is being applied to requests?
Copyright 2016 Forcepoint LLC. All rights reserved.