This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Forward internal web requests through the web application firewall of the UTM

Hi,

i want to forward internal web requests through the web application firewall of the UTM.

The background of this scenario is, that windows phones will not work with an self generated certificate of the exchange server. But my customer will not change the certificate of the exchange server.

the UTM has an existing WAF Profile for OWA/Active Sync, ... for the exchange reverse proxy rule with an trusted globalsign certificate. When the windows mobile phones are coming from the outside network they will work fine, but in the internal wifi Network they get errors issued by the self signed certificate of the exchange server.

Does an DNAT rule help me with this issue? (DNAT Rule: traffic from: internal lan going to: owa.company.tld with service: HTTPS change destination to: wan adress of owa.company.tld)

This thread was automatically locked due to age.

Parents

0 Emile Belcourt over 9 years ago

The way you could do this is by a DNS request route that when people try to get to owa.domain.co.uk (or local) it would point to the external IP/interface of the Virtual Webserver. The DNS request route can be made in Network Services > DNS > Request Routing.

This should point all internal requests to the outside of the firewall and then pass through the WAF.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Emile Belcourt over 9 years ago

The way you could do this is by a DNS request route that when people try to get to owa.domain.co.uk (or local) it would point to the external IP/interface of the Virtual Webserver. The DNS request route can be made in Network Services > DNS > Request Routing.

This should point all internal requests to the outside of the firewall and then pass through the WAF.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data