XG Reverse Proxy fails

Question

Hello experts 
 I am struggling to get a Docker container of vaultwarden up and running in my internal network. Since vaultwarden has limited support for HTTPS, I tried to use XG as reverse proxy, but I cannot connect. I assume, it is irrelevant for the setup whether the protected server is a container or something else. It would be great, if you can give me a hint how I can find out what I have done wrong. 
 
 I can connect via HTTP to the container (protected server - I call it real server here) directly.

In XG, I created a web server like this:

My firewall rule looks like this. I have tested with different gateways (Port 1.*) but none of them worked. As I wrote above, this setup is in my internal network and I have no access from the internet which would be the WAN port.

The only XG test option I found was the policy test and that looks good to my - at least it ist green even though I do not know what 'Not decrypted' means.

For any suggestions, how to find out what is missing, I am very thankful. 
 
 Thank you 
 Patric

Prism · Answer

Patric Beuthen said: When I open the log and try to access the domain, no log entries show up. 
 
 This really looks like a DNS issue. 
 Just to be sure WAF is running as expected, can you access "">">">https://firewallip:1443", and check if It shows a "403 Forbidden." error? 
 From your images It should be "">">">10.10.150.1:1443". 
 Also check if something appears on the Log Viewer after this, if it does then It's DNS. 
 EDIT: I've used the Sophos Firewall WAF with Vaultwarden for ~8 months (hosted on a docker container.) Back then it worked as expected. (Including the WebSockets notifications.)

XG Reverse Proxy fails

Top Replies