Somebody successfully pblished Windows Terminalserver 2019 with Sophos XG

We managed to get it going and I wanted to paste screenshots of our config but apparently that is not supported on this forum from 199x 

Basically create a policy like:
Enable RPC (Pass Outlook Anywhere)
Mode: Reject
No cookie signing
Static URL hardening enabled for:
/
/rpc
/favicon.ico
/rpc/rpcproxy.dll?localhost:3388
/rpc/rpcproxy.dll
/rpc/rpcWithCert

No form hardening
No AV
Block bad repu: enabled
skip remote lookups: disabled
Common threat filter: On (level 1)
Skip filter rules:
911100
920100
920340
920440
960015
960032
960035
960911
981172
981176
981204
SQL injection diabled - all others enabled

Then in your WAF rule don't use Path Specific Routing and in the exceptions section create 1 that disables URL hardening for these sites:

/RDWeb/*,/rpc/*,/rpcWithCert/*

Rasmus

We managed to get it going and I wanted to paste screenshots of our config but apparently that is not supported on this forum from 199x 

Basically create a policy like:
Enable RPC (Pass Outlook Anywhere)
Mode: Reject
No cookie signing
Static URL hardening enabled for:
/
/rpc
/favicon.ico
/rpc/rpcproxy.dll?localhost:3388
/rpc/rpcproxy.dll
/rpc/rpcWithCert

No form hardening
No AV
Block bad repu: enabled
skip remote lookups: disabled
Common threat filter: On (level 1)
Skip filter rules:
911100
920100
920340
920440
960015
960032
960035
960911
981172
981176
981204
SQL injection diabled - all others enabled

Then in your WAF rule don't use Path Specific Routing and in the exceptions section create 1 that disables URL hardening for these sites:

/RDWeb/*,/rpc/*,/rpcWithCert/*

Rasmus

Hello Ali,

You can add screenshots to the post.

You just need to click the Insert bottom > Image/video/file > (in the new window that open, click the gray letters) >> UPLOAD, ( a new window will open) search the screenshot you want to upload), click OPEN, and then OK. 

Regards,

Hi Emmanuel,

Yeah I know. But the fact that you needed two full lines to describe how, kind of proves my point. This is 2022, days of HTML5 etc., and most forum users expect CTRL-V and inline images. You can consider it a feature request :)

offtopic: STRG+V works here. Most of the times.

From my experience: if nothing happens, the image in clipboard is probably too big (4K display, fullsize window screenshot?). shrink it before pasting.

If still not working: start a new in private session to avoid cache issues.

btw: emmosophos I must admit I never ever thought this grey text would be clickable or open a new upload file window. This should be made better visible..

 (pasted by STRG+V)

Hello Ase, thank you for the feedback, yes I just wanted to highlight it’s possible to do, but it’sn’t the most friendly way, but this will be improved in a future update of the community! By the way, if you copy and press CTRL - V, it should allow you to post the image too. 

Quick Edit: It looks like we might not need to wait until the next big update/upgrade to the community forum, and at least the bottom can be changed of color.

Hello LHerzog,

Thank you for the feedback, yes me neither the very first time I saw it. But this will be updated.

Quick Edit: It looks like we might not need to wait until the next big update/upgrade to the community forum, and at least the bottom can be changed of color, so it can reflect in a better way.

Regards,