New Sophos Support Phone Numbers in Effect July 1st, 2023

XG Reverse Proxy fails

Hello experts

I am struggling to get a Docker container of vaultwarden up and running in my internal network. Since vaultwarden has limited support for HTTPS, I tried to use XG as reverse proxy, but I cannot connect. I assume, it is irrelevant for the setup whether the protected server is a container or something else. It would be great, if you can give me a hint how I can find out what I have done wrong.
I can connect via HTTP to the container (protected server - I call it real server here) directly.
In XG, I created a web server like this:
My firewall rule looks like this. I have tested with different gateways (Port 1.*) but none of them worked. As I wrote above, this setup is in my internal network and I have no access from the internet which would be the WAN port.
The only XG test option I found was the policy test and that looks good to my - at least it ist green even though I do not know what 'Not decrypted' means.
 For any suggestions, how to find out what is missing, I am very thankful.
Thank you

Added TAGs
[edited by: Erick Jan at 9:05 AM (GMT -7) on 31 Mar 2023]