Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 2 answers
  • Subscribers 3 subscribers
  • Views 1448 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Published Webserver (Microsoft Terminalserver Web RDG) only chinese after Upgrading UTM to 9.700

GernotMeyer

Hi,

after Upgrading UTM to 9.700-5 my published Webserver (Microsoft Terminalserver Web "RDWEB") looks like this:

Turning webserver publishing of and using a NAT rule on port 443 for this server and it's all fine (but unwanted).

This "feature" was not existing in Version 9.6.

Any ideas what happend?

Thanks for hints Gernot



This thread was automatically locked due to age.
  • 0

    Hi  

    What do you find in Revereseproxy logs when you open this page? Please check that and see if there is any error mentioned in the logs.

    Regards

    Jaydeep

  • 0 in reply to Jaydeep

    Checked Web Server Log (mostly status code 301 and 302:

    2020:02:05-20:51:09 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="196" user="-" host="47.11.08.15" method="GET" statuscode="302" reason="-" extra="-" exceptions="SkipURLHardening" time="127230660" url="/RDWeb/Pages/de-DE/Default.aspx" server="my.sophos.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XjscLhfqBu9j9MvtblvL2AAAAC8"
    2020:02:05-20:51:09 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="5614" user="-" host="47.11.08.15" method="GET" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening" time="6138" url="/RDWeb/Pages/de-DE/login.aspx" server="my.sophos.com" port="443" query="?ReturnUrl=default.aspx" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XjscrRfqBu9j9MvtblvL@wAAAC8"
    2020:02:05-20:51:14 Sophos httpd[10809]: [url_hardening:error] [pid 10809:tid 3733216112] [client 47.11.08.15:55558] No signature found, URI: https://my.sophos.com/
    2020:02:05-20:51:14 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="209" user="-" host="47.11.08.15" method="GET" statuscode="403" reason="url hardening" extra="No signature found" exceptions="-" time="329" url="/" server="my.sophos.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XjscshfqBu9j9MvtblvL-QAAAC8"
    2020:02:05-20:51:55 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="216" user="-" host="47.11.08.15" method="GET" statuscode="301" reason="-" extra="-" exceptions="SkipURLHardening" time="40525" url="/rdweb" server="my.sophos.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="Xjsc2xfqBu9j9MvtblvMBwAAAAg"
    2020:02:05-20:51:55 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="176" user="-" host="47.11.08.15" method="GET" statuscode="302" reason="-" extra="-" exceptions="SkipURLHardening" time="3082" url="/RDWeb/Pages/default.aspx" server="my.sophos.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="Xjsc2xfqBu9j9MvtblvMCAAAAAg"
    2020:02:05-20:51:55 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="196" user="-" host="47.11.08.15" method="GET" statuscode="302" reason="-" extra="-" exceptions="SkipURLHardening" time="2629" url="/RDWeb/Pages/de-DE/Default.aspx" server="my.sophos.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="Xjsc2xfqBu9j9MvtblvMCQAAAAg"
    2020:02:05-20:51:55 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="5614" user="-" host="47.11.08.15" method="GET" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening" time="6078" url="/RDWeb/Pages/de-DE/login.aspx" server="my.sophos.com" port="443" query="?ReturnUrl=default.aspx" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="Xjsc2xfqBu9j9MvtblvMCgAAAAg"
     

  • 0

    Hallo Gernot,

    First, try restoring the backup made just prior to applying the Up2Date.

    If that doesn't work, what happens if you delete and re-create the Real Server, Virtual Server and Firewall Profile?

    The other thing you can do is use the version-change trick and re-apply the Up2Date (make sure you know what you're doing and you might want to get permission from Support to do this at the command line).  Assuming you Up2Dated to 9.7 from 9.605: as root, copy and paste the following block at the command line:

    # Version change trick
    echo ' 9.605001'>/etc/version
    cd /var/up2date/sys
    wget http://ftp.astaro.com/pub/UTM/v9/up2date/u2d-sys-9.605001-700005.tgz.gpg
    # Prepare to apply in WebAdmin
    /sbin/auisys.plx --showdesc

    Afterwards, apply the Up2Date in WebAdmin.

    Any luck?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thanks for that and sorry for late answer (productive machine and no time slot to check)

    It seems that a simple reboot of the reverse proxy solved the problem...

    What is also a thought (but only a guess): There is some caching machanism within the sophos. Just waiting 2 hours and it is fine as well.

    This i guess because it also hits browser that never used that page before!

    Best from Berlin

    Gernot

Unfiltered HTML