Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 1772 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF reverse proxy with not working

Tom-

Hello,

once enebaled the following option reverse proxy does not work anymore.

Cookie signing
URLHardening


tailf /log/reverseproxy.log

[Mon Feb 06 22:15:41.552601 2023] [core:warn] [pid 13179:tid 140605555216064] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
[Mon Feb 06 22:15:41.552651 2023] [core:warn] [pid 13179:tid 140605555216064] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
AH00112: Warning: DocumentRoot [/sdisk/waffiles/{removed for privavy}] does not exist
AH00526: Syntax error on line 100 of /cfs/waf/reverseproxy.conf:
Invalid encrypted key

even without anything in web protection policy I'm getting

AH00112: Warning: DocumentRoot [/sdisk/waffiles/{removed for privavy}] does not exist

but not the Syntax error on line 100 of /cfs/waf/reverseproxy.conf anymore



This thread was automatically locked due to age.
  • +1

    Hello!

    This is a known issue, you can find more information about it in this community post.

    I recommend you to open a case with the Support to get this fixed, for the meantime disabling URL Hardening should fix this issue temporarily.

    Thanks!

    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 EAP @ Home

    Sophos ZTNA (KVM) @ Home

  • 0 in reply to Prism

    Hello,
    you are right with the know issue. However, this is a SFVH so there is no way for support case. Would be nice Sophos would post how to recreate the Signing Key.

    Note: This is not related to secure storage master key recreation.

Unfiltered HTML