Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 5 subscribers
  • Views 1979 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RDS 2019 with UTM SG115 (FW 9.605-1) from outside via Webserver Protection

Chris P

Good morning!

 

I try to publish the RDS-Gateway (Server 2019) with the Webserver Protection.

The Portal is running from outside, but the downloades rdp-app is not Working.

After open a APP and I filled the credentials, the following message appears:

"Your computer can not connect to the remtoedesktop-gateway-Server".

 

In the network the rdp-App is sucessfully running.

If i have connected via VPN the Connection is running successfully too (the internal and external name of die RDS is rds.customer.com).

 

The Webserver-Protocoll has logged:

 


Live-Protokoll: Web Application Firewall     

2019:11:17-14:41:09 gate1 httpd[1401]: [url_hardening:error] [pid 1401:tid 3869121392] [client 80.187.108.210:31598] Hostname in HTTP request (gate1.customer.com) does not match the server name (rds.customer.com)
2019:11:17-14:41:09 gate1 httpd: id="0299" srcip="4.103.54.86" localip="100.100.100.106" size="200" user="-" host="4.103.54.86" method="POST" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening" time="119678" url="/KdcProxy" server="rds.customer.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XdFN9VCTrGoAAAV58goAAABK"
2019:11:17-14:41:10 gate1 httpd: id="0299" srcip="4.103.54.86" localip="100.100.100.106" size="1740" user="-" host="4.103.54.86" method="POST" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening" time="312106" url="/KdcProxy" server="rds.customer.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XdFN9VCTrGoAAAV58gsAAABK"
2019:11:17-14:41:10 gate1 httpd: id="0299" srcip="4.103.54.86" localip="100.100.100.106" size="265" user="-" host="4.103.54.86" method="RDG_OUT_DATA" statuscode="401" reason="-" extra="-" exceptions="SkipURLHardening" time="66679" url="/remoteDesktopGateway/" server="rds.customer.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="lRonDjO8aTqOEzWjnGQxlw==" websocket_version="13" uid="XdFN9lCTrGoAAAV58gwAAAA7"
2019:11:17-14:41:10 gate1 httpd: id="0299" srcip="4.103.54.86" localip="100.100.100.106" size="200" user="-" host="4.103.54.86" method="POST" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening" time="74576" url="/KdcProxy" server="rds.customer.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XdFN9lCTrGoAAAV58g4AAABK"
2019:11:17-14:41:11 gate1 httpd: id="0299" srcip="4.103.54.86" localip="100.100.100.106" size="1740" user="-" host="4.103.54.86" method="POST" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening" time="265129" url="/KdcProxy" server="rds.customer.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XdFN9lCTrGoAAAV58g8AAABK"
2019:11:17-14:41:11 gate1 httpd: id="0299" srcip="4.103.54.86" localip="100.100.100.106" size="265" user="-" host="4.103.54.86" method="RDG_IN_DATA" statuscode="401" reason="-" extra="-" exceptions="SkipURLHardening" time="63505" url="/remoteDesktopGateway/" server="rds.customer.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XdFN91CTrGoAAAV58hAAAABb"
2019:11:17-14:41:11 gate1 httpd: id="0299" srcip="4.103.54.86" localip="100.100.100.106" size="0" user="-" host="4.103.54.86" method="RDG_IN_DATA" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening" time="196247" url="/remoteDesktopGateway/" server="rds.customer.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XdFN91CTrGoAAAV58hEAAABb"
2019:11:17-14:41:31 gate1 httpd: id="0299" srcip="4.103.54.86" localip="100.100.100.106" size="221" user="-" host="4.103.54.86" method="RDG_IN_DATA" statuscode="408" reason="-" extra="-" exceptions="SkipURLHardening" time="20118759" url="/remoteDesktopGateway/" server="rds.customer.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XdFN91CTrGoAAAV58hIAAABb"
2019:11:17-14:41:33 gate1 httpd[1401]: [proxy_http:error] [pid 1401:tid 4053760880] (104)Connection reset by peer: [client 4.103.54.86:51989] AH01110: error reading response
2019:11:17-14:41:33 gate1 httpd: id="0299" srcip="4.103.54.86" localip="100.100.100.106" size="10" user="-" host="4.103.54.86" method="RDG_OUT_DATA" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening" time="23355292" url="/remoteDesktopGateway/" server="rds.customer.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="lRonDjO8aTqOEzWjnGQxlw==" websocket_version="13" uid="XdFN9lCTrGoAAAV58g0AAAA7"

 

The Setup is:

 

 

If i changed the firewall profile to "no profile" it doesn`t work too!

Do you have any ideas?

Thank you and a nice sunday!



This thread was automatically locked due to age.
Parents
  • 0

    looks not bad ... but

    the firs log entry shows a certifcate-error: (gate1.customer.com) does not match the server name (rds.customer.com)

    Try to solve this first...


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    thank you!

     

    But on which position i have to make a change?

     

    gate1.customer.com is the DNS name/Destination of UTM.

     

    The request is routed from outside via DNS with rds.customer.com and the virtual webserver is configured too, for rds.customer.com.

    The RDS-Gateway have already the same dns name: rds.customer.com

     

    Regards

    Chris

  • 0 in reply to Chris P

    Don't know much about RDS publishing.

    But looks like your website/webgateway send the link "gate1.customer.com" to the client.

    Than Client tryes to call "gate1.customer.com" to establish the RDP Session.

    I think this is to configure somewhere within RDS Setup.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • 0 in reply to Chris P

    Don't know much about RDS publishing.

    But looks like your website/webgateway send the link "gate1.customer.com" to the client.

    Than Client tryes to call "gate1.customer.com" to establish the RDP Session.

    I think this is to configure somewhere within RDS Setup.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
No Data
Unfiltered HTML