Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Need help getting HTTP based policy to work

Has anyone been able to set up an HTTP/S server using the HTTP based policy?  

I tried to do so, and was unable to get it to work.  I have since created two non-HTTP based policies (one for port 80 and one for port 443) and now my server is reachable but I don't see the ability to get the WAF protection through that rule.  

I've posted images of the non-working HTTP policy in case someone can see what is wrong and tell me how to correct it.

Images of HTTP policy settings follow.  Thanks.



This thread was automatically locked due to age.
Parents
  • check my post over here, see if you get similar errors in your log file. If so, you can try my steps or the other in the discussion.

    https://community.sophos.com/products/xg-firewall/f/46/t/10942

  • Yes, your post exactly describes the problem that I see in my logs and configuration. While I understand the fix that you performed and can do similar if necessary, I would first like to find out if Sophos plans on fixing this problem?

    If they do plan to fix it, in the next couple of months, then I would be willing to wait for the fix and help in the testing process if they want/need the help. Hopefully one of them reads this and gets in touch with me along those lines.

    In the meantime, I will put the 2 seperate (port 80 and port 443) policies back into place that lets the server function properly until I hear from them or enough time goes by and I get tired of waiting for the fix from them.

    Thanks for your original post. I'm grateful that you took the time to post it.

    For now, I'm not going to mark this as the solution. While I recognize that it will most likely correct the problem, since I am not going to implement it just yet, I can't be 100% certain that it will fix my problem. I would really like to see Sophos correct this so that others don't have to suffer through the same pain that we have experienced.
Reply
  • Yes, your post exactly describes the problem that I see in my logs and configuration. While I understand the fix that you performed and can do similar if necessary, I would first like to find out if Sophos plans on fixing this problem?

    If they do plan to fix it, in the next couple of months, then I would be willing to wait for the fix and help in the testing process if they want/need the help. Hopefully one of them reads this and gets in touch with me along those lines.

    In the meantime, I will put the 2 seperate (port 80 and port 443) policies back into place that lets the server function properly until I hear from them or enough time goes by and I get tired of waiting for the fix from them.

    Thanks for your original post. I'm grateful that you took the time to post it.

    For now, I'm not going to mark this as the solution. While I recognize that it will most likely correct the problem, since I am not going to implement it just yet, I can't be 100% certain that it will fix my problem. I would really like to see Sophos correct this so that others don't have to suffer through the same pain that we have experienced.
Children
No Data