Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 1960 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can not access hosted website with Sophos Installed

Jonathan Sullivan1

I have a server that hosts multiple dockers out to a website.  I just installed my Sophos and configured a basic Lan > Wan rule with no web filtering at all. But when I go to the sites I get a 522 error.  So I believe all I need to do is to get Sophos to allow Cloudflare to talk to my server? Or maybe it is an SSL issue? 

Does anyone have some tips on what to check or try out? 



This thread was automatically locked due to age.
Parents
  • 0

    I think I found the issue but I am not sure how to resolve it, my previous router was Port forwarding 80 to 180 and 443 to 1443 to allow the webserver to communicate with the WAN.   There is no direct port forwarding settings available on the Sophos so I'm struggling with the process of how to configure this to work. 

  • 0 in reply to Jonathan Sullivan1

    This issue has been partially solved.  For anyone else having this issue I was using LetsEncrypt (Swag) Docker on Unraid to make some of my docker containers accessible through the web. (Tutorial from SpaceInvaderOne on YouTube). 

    On my old Asus router there were simple port forwarding options in the WAN configuration, since Sophos is an actual firewall you have to do some different changes to allow port 443 out using port 1443 (or whatever port your docker uses)  Sophos has a video on NAT Enhancements, the relevant part is the PAT section. Following that I was able to forward the port and have the webserver start working immediately. 

    https://www.youtube.com/watch?v=-ekWg2Lvo5M&t=1117s

    Now the only problem I have is that the webserver can not be accessed internally. Not really sure how to configure that portion. 

  • 0 in reply to Jonathan Sullivan1

    Do you have a firewall rule allowing internal access b between XG ports?

    ian

    XG115W - v20.0.3 MR-3 - on holiday

    XGS118 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Reply Children
  • 0 in reply to rfcat_vk

    I have rules configured where I can reach the sites externally and internally however there is an issue where some of the sites return with a "error connection timed out" when trying to connect to my internal network but only some of the time. The real problem is that if I leave it alone for a while and then refresh, it loads without issue. 

Unfiltered HTML