Thread Info
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can not access hosted website with Sophos Installed

Jonathan Sullivan1

I have a server that hosts multiple dockers out to a website.  I just installed my Sophos and configured a basic Lan > Wan rule with no web filtering at all. But when I go to the sites I get a 522 error.  So I believe all I need to do is to get Sophos to allow Cloudflare to talk to my server? Or maybe it is an SSL issue? 

Does anyone have some tips on what to check or try out? 



This thread was automatically locked due to age.
  • 0

    Hi,

    when reviewing logviewer for what is happening to traffic using the rule what do you see?
    ian

    XGS118 - v21.0.1 MR1

    XG115 converted to software licence v21.0.1 MR-1

    If a post solves your question please use the 'Verify Answer' button.

  • 0

    I think I found the issue but I am not sure how to resolve it, my previous router was Port forwarding 80 to 180 and 443 to 1443 to allow the webserver to communicate with the WAN.   There is no direct port forwarding settings available on the Sophos so I'm struggling with the process of how to configure this to work. 

    • 0 in reply to Jonathan Sullivan1

      Hello Jonathan,

      Thank you for contacting the Sophos Community.

      Port forwarding is a synonym of DNAT, you can configure DNAT by following this doc link

      Regards,

       
      Emmanuel (EmmoSophos)
      Technical Team Lead, Global Community Support
      Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
      If a post solves your question use the 'Verify Answer' link.
      • 0 in reply to emmosophos

        I have resolved the forwarding issues however my current problem has to do with reliability. When testing with the policy test I can access my websites every time, however when I first try to connect to them I get ERR_CONNECTION_TIMED_OUT

        After I wait for 1-2 minutes and refresh it loads with no issue and is good for a while, then the issue reappears. 

      • 0 in reply to Jonathan Sullivan1

        This issue has been partially solved.  For anyone else having this issue I was using LetsEncrypt (Swag) Docker on Unraid to make some of my docker containers accessible through the web. (Tutorial from SpaceInvaderOne on YouTube). 

        On my old Asus router there were simple port forwarding options in the WAN configuration, since Sophos is an actual firewall you have to do some different changes to allow port 443 out using port 1443 (or whatever port your docker uses)  Sophos has a video on NAT Enhancements, the relevant part is the PAT section. Following that I was able to forward the port and have the webserver start working immediately. 

        https://www.youtube.com/watch?v=-ekWg2Lvo5M&t=1117s

        Now the only problem I have is that the webserver can not be accessed internally. Not really sure how to configure that portion. 

        • 0 in reply to Jonathan Sullivan1

          Do you have a firewall rule allowing internal access b between XG ports?

          ian

          XGS118 - v21.0.1 MR1

          XG115 converted to software licence v21.0.1 MR-1

          If a post solves your question please use the 'Verify Answer' button.

          • 0 in reply to rfcat_vk

            I have rules configured where I can reach the sites externally and internally however there is an issue where some of the sites return with a "error connection timed out" when trying to connect to my internal network but only some of the time. The real problem is that if I leave it alone for a while and then refresh, it loads without issue. 

        Unfiltered HTML