Published Webserver (Microsoft Terminalserver Web RDG) only chinese after Upgrading UTM to 9.700

Hi,

after Upgrading UTM to 9.700-5 my published Webserver (Microsoft Terminalserver Web "RDWEB") looks like this:

Turning webserver publishing of and using a NAT rule on port 443 for this server and it's all fine (but unwanted).

This "feature" was not existing in Version 9.6.

Any ideas what happend?

Thanks for hints Gernot

  • Hi  

    What do you find in Revereseproxy logs when you open this page? Please check that and see if there is any error mentioned in the logs.

  • In reply to Jaydeep:

    Checked Web Server Log (mostly status code 301 and 302:

    2020:02:05-20:51:09 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="196" user="-" host="47.11.08.15" method="GET" statuscode="302" reason="-" extra="-" exceptions="SkipURLHardening" time="127230660" url="/RDWeb/Pages/de-DE/Default.aspx" server="my.sophos.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XjscLhfqBu9j9MvtblvL2AAAAC8"
    2020:02:05-20:51:09 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="5614" user="-" host="47.11.08.15" method="GET" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening" time="6138" url="/RDWeb/Pages/de-DE/login.aspx" server="my.sophos.com" port="443" query="?ReturnUrl=default.aspx" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XjscrRfqBu9j9MvtblvL@wAAAC8"
    2020:02:05-20:51:14 Sophos httpd[10809]: [url_hardening:error] [pid 10809:tid 3733216112] [client 47.11.08.15:55558] No signature found, URI: https://my.sophos.com/
    2020:02:05-20:51:14 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="209" user="-" host="47.11.08.15" method="GET" statuscode="403" reason="url hardening" extra="No signature found" exceptions="-" time="329" url="/" server="my.sophos.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XjscshfqBu9j9MvtblvL-QAAAC8"
    2020:02:05-20:51:55 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="216" user="-" host="47.11.08.15" method="GET" statuscode="301" reason="-" extra="-" exceptions="SkipURLHardening" time="40525" url="/rdweb" server="my.sophos.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="Xjsc2xfqBu9j9MvtblvMBwAAAAg"
    2020:02:05-20:51:55 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="176" user="-" host="47.11.08.15" method="GET" statuscode="302" reason="-" extra="-" exceptions="SkipURLHardening" time="3082" url="/RDWeb/Pages/default.aspx" server="my.sophos.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="Xjsc2xfqBu9j9MvtblvMCAAAAAg"
    2020:02:05-20:51:55 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="196" user="-" host="47.11.08.15" method="GET" statuscode="302" reason="-" extra="-" exceptions="SkipURLHardening" time="2629" url="/RDWeb/Pages/de-DE/Default.aspx" server="my.sophos.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="Xjsc2xfqBu9j9MvtblvMCQAAAAg"
    2020:02:05-20:51:55 Sophos httpd: id="0299" srcip="47.11.08.15" localip="x.y.z.a" size="5614" user="-" host="47.11.08.15" method="GET" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening" time="6078" url="/RDWeb/Pages/de-DE/login.aspx" server="my.sophos.com" port="443" query="?ReturnUrl=default.aspx" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="Xjsc2xfqBu9j9MvtblvMCgAAAAg"
     

  • Hallo Gernot,

    First, try restoring the backup made just prior to applying the Up2Date.

    If that doesn't work, what happens if you delete and re-create the Real Server, Virtual Server and Firewall Profile?

    The other thing you can do is use the version-change trick and re-apply the Up2Date (make sure you know what you're doing and you might want to get permission from Support to do this at the command line).  Assuming you Up2Dated to 9.7 from 9.605: as root, copy and paste the following block at the command line:

    # Version change trick
    echo ' 9.605001'>/etc/version
    cd /var/up2date/sys
    wget http://ftp.astaro.com/pub/UTM/v9/up2date/u2d-sys-9.605001-700005.tgz.gpg
    # Prepare to apply in WebAdmin
    /sbin/auisys.plx --showdesc

    Afterwards, apply the Up2Date in WebAdmin.

    Any luck?

    Cheers - Bob