Sophos UTM - WAF setup

I created a NAT in UTM for traffic coming from "Any" going to my externally accessible (external as in still on a corporate LAN, not on the Internet) IP, then changed the destination to my test web server's IP, so a DNAT if you will. Doing this routes traffic from web.domain.com (again, using split DNS I created an entry for web.domain.com in our DNS zone which points to the external IP of Sophos UTM) directly to the web server using an internal LAN DMZ connection. Our internal network cannot get to the DMZ; it is only proxied through Sophos UTM. This works like a charm; however, I don't understand, or maybe I'm missing the point of, a Web Application Firewall setup. Since this traffic is passed directly to the web server via the NAT, it bypasses the WAF rules I've set up for this web server. Can someone help me understand how to get traffic from one IP correlated to an internal DMZ IP and pass it through the WAF without sending all the traffic via a NAT?

  • Hi Clayton and welcome to the UTM Community!

    Check #2 in Rulz - I suspect that you only need to disable your DNAT.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
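The point behind Bob's answer is architectural: a DNAT only rewrites the destination address of each packet, so the client still talks straight to the web server and nothing on the UTM ever sees the HTTP request. The UTM WAF is a reverse proxy: it terminates the client's connection itself, inspects the request, and opens a new connection to the real server from its own DMZ-side address, normally carrying the original client in X-Forwarded-For. One way to confirm which path requests are taking after the DNAT is removed is to look at who the web server sees as its TCP peer. The script below is an added example, not code from the thread or from Sophos. It assumes a hypothetical firewall DMZ-side address of 10.0.50.1 and a web server that logs in Apache combined format with `%{X-Forwarded-For}i` appended as a final quoted field; the log lines are constructed for the example.

```python
"""Classify web-server access-log lines as arriving via a reverse-proxy WAF or directly (e.g. via DNAT).

Added example, not from the original thread. All addresses and log lines are
constructed; the firewall's DMZ-side address (10.0.50.1) is an assumption.
"""
import ipaddress
import re
from collections import Counter

# Assumption: the address the UTM uses on the DMZ side when it proxies to the server.
PROXY_ADDRESSES = {ipaddress.ip_address("10.0.50.1")}

# Apache "combined" format plus one trailing quoted field for %{X-Forwarded-For}i
# ("-" when the header is absent). The trailing field is optional so plain
# combined-format lines still parse.
LOG_RE = re.compile(
    r'^(?P<peer>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
    r'(?: "(?P<xff>[^"]*)")?$'
)

# Constructed sample lines covering the cases a practitioner should recognise.
LOG_LINES = [
    # Via the WAF: the TCP peer is the firewall, the real client is in X-Forwarded-For.
    '10.0.50.1 - - [10/Mar/2019:10:00:01 +0000] "GET /login HTTP/1.1" 200 1532 "-" "Mozilla/5.0" "192.168.7.23"',
    # Via DNAT: the client reaches the server directly, no proxy header at all.
    '192.168.7.23 - - [10/Mar/2019:10:00:02 +0000] "GET /login HTTP/1.1" 200 1532 "-" "Mozilla/5.0" "-"',
    # Via DNAT, but the client sent its own X-Forwarded-For: the header must not be trusted.
    '192.168.7.99 - - [10/Mar/2019:10:00:03 +0000] "GET /admin HTTP/1.1" 200 211 "-" "curl/7.64.0" "127.0.0.1"',
    # Something that is not an access-log line at all.
    "garbage line",
]


def parse(line):
    """Return a dict of fields for one log line, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["peer"] = ipaddress.ip_address(rec["peer"])
    xff = rec["xff"]
    rec["xff"] = None if xff in (None, "-") else [hop.strip() for hop in xff.split(",")]
    return rec


def classify(line):
    """'waf' if the TCP peer is one of our proxies, 'direct' otherwise, 'unparsed' on no match."""
    rec = parse(line)
    if rec is None:
        return "unparsed"
    return "waf" if rec["peer"] in PROXY_ADDRESSES else "direct"


def client_ip(line):
    """Trusted client address for a log line.

    X-Forwarded-For is client-supplied text, so it is only believed when the TCP
    peer is a proxy we control; in that case the rightmost entry is the one our
    proxy appended. For a direct connection the peer itself is the client.
    """
    rec = parse(line)
    if rec is None:
        return None
    if rec["peer"] in PROXY_ADDRESSES and rec["xff"]:
        return rec["xff"][-1]
    return str(rec["peer"])


def summarize(lines):
    """Count how many lines took each path; after disabling the DNAT, 'direct' should drop to zero."""
    return dict(Counter(classify(line) for line in lines))


if __name__ == "__main__":
    for line in LOG_LINES:
        print(f"{classify(line):9s} client={client_ip(line)}")
    print(summarize(LOG_LINES))
```

Reading the summary over a real log is the quick check: while the DNAT is still in place every request shows up as `direct`, and once only the WAF publishes the site the server should see nothing but `waf` entries. The third sample line is the reason `client_ip` refuses to read X-Forwarded-For from a non-proxy peer; any client can set that header, so it is only meaningful when the connection really came through the firewall.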