Jitsi Meet with WAF

Hello,

has anyone ever gotten a Jitsi Meet server running behind a Sophos via the WAF?

Sure, I could forward the ports directly, but then Exchange and other services would no longer be reachable via the HTTPS WAF.

Does anyone here perhaps have a tip for me?

Regards, Frank



This thread was automatically locked due to age.
  • Hi H_Patel,

    The WAF works with 3 web servers behind the Sophos SG.

    But I can't reach the Jitsi Meet server behind the Sophos SG via the WAF.

    If I disable the WAF and do some NAT with ports 80, 443, 10000 it works, but not with the WAF.

    I need to get this working.

    With the WAF I got this error:

    Proxy Error

    The proxy server received an invalid response from an upstream server.
    The proxy server could not handle the request GET /.

    Reason: Error reading from remote server

    Regards

    Frank

  • Hello Frank,

    A warm welcome to the community!

    (Sorry, my German-speaking brain isn't creating thoughts at the moment.)

    Please show about 50 related lines from the Web Application Firewall log.

    Regards - Bob (Please continue in German.)

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    this is what I get in the log.

    2020:10:25-16:34:33 gateway httpd[32399]: [proxy_http:error] [pid 32399:tid 3951938416] (70014)End of file found: [client 109.42.3.49:1313] AH01102: error reading status line from remote server JITSI_Internal_IP:443
    2020:10:25-16:34:33 gateway httpd[32399]: [proxy:error] [pid 32399:tid 3951938416] [client 109.42.3.49:1313] AH00898: Error reading from remote server returned by /
    2020:10:25-16:34:33 gateway httpd: id="0299" srcip="109.42.3.49" localip="WAN_IP" size="379" user="-" host="109.42.3.49" method="GET" statuscode="502" reason="-" extra="-" exceptions="SkipBlacklistDNSRBL, SkipBlacklistGeoIP, SkipAntiVirus, SkipTFT, SkipURLHardening, SkipFormHardening, SkipFormHardeningMissingToken, SkipCookieSigning, SkipThreatsFilter" time="13423" url="/" server="meet.myhost.net" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="X5WbCTLoppOChxHZZUspMwAAAKs"
    2020:10:25-16:34:35 gateway httpd[32399]: [proxy_http:error] [pid 32399:tid 3951938416] (70014)End of file found: [client 109.42.3.49:1313] AH01102: error reading status line from remote server JITSI_Internal_IP:443, referer: https://meet.myhost.net/
    2020:10:25-16:34:35 gateway httpd: id="0299" srcip="109.42.3.49" localip="WAN_IP" size="0" user="-" host="109.42.3.49" method="GET" statuscode="200" reason="-" extra="-" exceptions="SkipBlacklistDNSRBL, SkipBlacklistGeoIP, SkipAntiVirus, SkipTFT, SkipURLHardening, SkipFormHardening, SkipFormHardeningMissingToken, SkipCookieSigning, SkipThreatsFilter" time="12671" url="/favicon.ico" server="meet.myhost.net" port="80" query="" referer="https://meet.myhost.net/" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="X5WbCzLoppOChxHZZUspNAAAAKs"
    2020:10:25-16:34:35 gateway httpd[32399]: [proxy_http:error] [pid 32399:tid 4061043568] (70014)End of file found: [client 109.42.3.49:10196] AH01102: error reading status line from remote server JITSI_Internal_IP:443, referer: https://meet.myhost.net/
    2020:10:25-16:34:35 gateway httpd[32399]: [proxy:error] [pid 32399:tid 4061043568] [client 109.42.3.49:10196] AH00898: Error reading from remote server returned by /favicon.ico, referer: https://meet.myhost.net/
    2020:10:25-16:34:35 gateway httpd: id="0299" srcip="109.42.3.49" localip="WAN_IP" size="401" user="-" host="109.42.3.49" method="GET" statuscode="502" reason="-" extra="-" exceptions="SkipBlacklistDNSRBL, SkipBlacklistGeoIP, SkipAntiVirus, SkipTFT, SkipURLHardening, SkipFormHardening, SkipFormHardeningMissingToken, SkipCookieSigning, SkipThreatsFilter" time="12732" url="/favicon.ico" server="meet.myhost.net" port="443" query="" referer="https://meet.myhost.net/" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="X5WbCzLoppOChxHZZUspNQAAAJ4"
    2020:10:25-16:34:37 gateway httpd: id="0299" srcip="109.42.3.49" localip="WAN_IP" size="29" user="-" host="109.42.3.49" method="POST" statuscode="200" reason="-" extra="-" exceptions="-" time="5060770" url="/Microsoft-Server-ActiveSync" server="mail.freaky-media.net" port="443" query="?Cmd=Ping&User=frank&DeviceId=SEC1037E3C4CCECF&DeviceType=SamsungDevice" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="X5WbCDLoppOChxHZZUspMQAAALw"
    

  • You're right, that's not much more info than what you already said, Frank. Let's look at pictures of the Edits of the Virtual Server with 'Advanced' open and of the Firewall Profile.

    Regards - Bob (Please continue in German.)

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA