
Web Application Firewall stops working

Hi,

I have a strange problem with a Sophos UTM. We use the Web Application Firewall to connect smartphones to the Exchange Server.

Now it happens regularly but not seldom that the firewall stops working. In this case, no connection from outside is possible. We have 5 rules in the Web Application Firewall and all of them stop.

All of the rules have an orange exclamation mark instead of a green check mark.

If I deactivate one of the rules, no matter which, and activate it again, all rules are working and green again.

Does anyone have an idea what this problem is?

 

I updated the firewall to the newest version; let's see if it works now. Thanks for the help.



  • Hi  

    Have you checked the option Enable HTTP keepalive under Advanced Settings of Real Webservers? Please read the timeout information as well.

    Enable HTTP keepalive: By default, the WAF uses HTTP keepalive, i.e., HTTP persistent connections, which helps to reduce CPU and memory usage. In rare cases where the real webserver does not support HTTP keepalive properly, this feature can provoke reading errors or timeouts and should then be disabled for the affected webserver. When a virtual webserver is assigned at least one real webserver with HTTP keepalive disabled, the feature will automatically be disabled for all real webservers assigned to this virtual webserver.

    Timeout: Define a connection timeout value, that is the number of seconds the WAF waits for data sent by or sent to the real webserver. Values between 1 and 65535 seconds are allowed. Data can be received as long as the web server sends data before the timeout expires. After expiring, the WAF sends an HTTP 502 message to clients. The default timeout is 300 seconds.

    Disable backend connection pooling: If enabled, the WAF creates a new connection to the backend server every time it is used, instead of reusing an old connection from the connection pool. This option is disabled by default. Only use it if you face connection problems because it may decrease system performance.

    Regards

    Jaydeep

  • Hi Jaydeep,

     

    Under Real Webservers, the option HTTP keepalive with timeout 300 is set. Should we deactivate it? Or increase the timeout?

  • First, try increasing the timeout and then check with that option disabled. If the UTM does not receive a keepalive before the timeout, it will throw a 502 to the client.

    Regards

    Jaydeep
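
To check whether a real webserver handles HTTP keepalive properly before changing the WAF option quoted above, this added example (not part of the original thread and not Sophos code) sends two requests over one connection and reports whether the backend reused it, closed it after the first reply, or dropped it without announcing it. `probe_keepalive`, `start_demo_server` and the three local demo backends are constructed for illustration; point the probe at the real webserver's address and port to test it.

```python
import http.client
import threading
import time
from http.server import BaseHTTPRequestHandler, HTTPServer


def probe_keepalive(host, port, path="/", idle_seconds=0, timeout=5, use_tls=False):
    """Send two GETs over one connection and report what the server did with it."""
    cls = http.client.HTTPSConnection if use_tls else http.client.HTTPConnection
    conn = cls(host, port, timeout=timeout)
    try:
        conn.request("GET", path, headers={"Connection": "keep-alive"})
        conn.getresponse().read()          # drain the body so the socket can be reused
        if conn.sock is None:              # http.client drops the socket when the reply means "close"
            return "closed-after-first-response"
        time.sleep(idle_seconds)           # optional pause, like a pooled connection sitting idle
        try:
            conn.request("GET", path, headers={"Connection": "keep-alive"})
            conn.getresponse().read()
        except (http.client.HTTPException, OSError):
            return "broken-on-reuse"       # keepalive was implied, then the connection died
        return "reused"
    finally:
        conn.close()


def start_demo_server(protocol="HTTP/1.1", drop_silently=False):
    """Constructed local stand-in for a real webserver (not Exchange, not the UTM)."""
    class Handler(BaseHTTPRequestHandler):
        protocol_version = protocol

        def do_GET(self):
            self.send_response(200)
            self.send_header("Content-Length", "2")
            self.end_headers()
            self.wfile.write(b"ok")
            if drop_silently:              # close without announcing "Connection: close"
                self.close_connection = True

        def log_message(self, *args):      # keep the demo quiet
            pass

    server = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


if __name__ == "__main__":
    for label, kwargs in [("keepalive ok", {}), ("HTTP/1.0 backend", {"protocol": "HTTP/1.0"}),
                          ("silent drop", {"drop_silently": True})]:
        srv = start_demo_server(**kwargs)
        print(label, "->", probe_keepalive("127.0.0.1", srv.server_address[1]))
        srv.shutdown()
```

A result of `broken-on-reuse` is the case the quoted documentation describes as not supporting keepalive properly; setting `idle_seconds` above the backend's own idle timeout shows whether a connection left idle is still usable.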