Access Internal website hosted in the windows server externally

Hello, We have created a website that is hosted internally and can be accessible. But we want that website to be accessible on the internet without VPN. (I can access it with VPN) I created a DNAT rule to allow any traffic from outside to that server. Is there anything else I need to create ? Thank for your help

Parents
  • Hi Baflson..

    This did not help. I created a rule which let me access the website on VPN. I am also able to ping the website from an external network but I can't access it from the browser. 

    Thanks

  • You are most likely just pinging your external IP address which hosts more than a website I am guessing.

    If you couldn't access your site after setting up Webserver, then it is either incorrect or you have a routing issue.

    You may want to post some screenshots of your setup of Webserver Protection. 

    UTM - 9.712 | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SATA HDD | GB Ethernet x5

  • This Ping is from an external network. I am not on VPN.

  • After creating the WAF did you disable your DNAT rule and try?

    UTM - 9.712 | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SATA HDD | GB Ethernet x5

  • Yes I did.. Just to give you an overview. The website is built by a different vendor on our development server. The domain name is the dev.xxxxx.com but the ip address is the dev server. Now when i try to access the website off network I get redirected to the Sophos User portal. If I am able to ping doesn't that mean I should able to access the website ? My firewall rule is Any->HTTP->WAN Dev server. Thats the traffic coming from outside to inside. I had also created a rule that would allow traffic from inside to outside but that didn't help to work too. 

  • Applying rules to work with WAF and setting up WAF at the same time won't help your cause, they will battle each other for the title, so to speak and I believe the firewall rules > WAF when it comes to the order in the UTM world.  

    The rule shouldn't be needed if you are using WAF.  PING is just an acknowledgment of a packet.  It sounds like maybe your Network Definitions are off with this?  Did you check those to make sure your definition is correct?  Like I said before, you are most likely just pinging your external IP address that probably houses more than a website.  From what I can tell your WAF looks okay; I would make sure the definition is pointing to the correct IP and any other rules you have related to your dev server.

    EDIT:  Do you have more than one external IP and does your dev server 'own' one of them for itself?  Or, are you using only one external IP and using A records in DNS for your subdomains?

    UTM - 9.712 | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SATA HDD | GB Ethernet x5

Reply
  • Applying rules to work with WAF and setting up WAF at the same time won't help your cause, they will battle each other for the title, so to speak and I believe the firewall rules > WAF when it comes to the order in the UTM world.  

    The rule shouldn't be needed if you are using WAF.  PING is just an acknowledgment of a packet.  It sounds like maybe your Network Definitions are off with this?  Did you check those to make sure your definition is correct?  Like I said before, you are most likely just pinging your external IP address that probably houses more than a website.  From what I can tell your WAF looks okay; I would make sure the definition is pointing to the correct IP and any other rules you have related to your dev server.

    EDIT:  Do you have more than one external IP and does your dev server 'own' one of them for itself?  Or, are you using only one external IP and using A records in DNS for your subdomains?

    UTM - 9.712 | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SATA HDD | GB Ethernet x5

Children