This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Many WAF errors [security2:error] and no sync from iPhones

Hello Sophos Community,

 

I am facing actually the issue, that Samsung Smartphones are perfectly synchronising through the WAF with my Exchange server, but iPhones won't work.

 

At the WAF log is an entry which is showing the following error:

2019:02:13-12:46:12 myutm httpd[31818]: [security2:error] [pid 31818:tid 4127116144] [client sourceip:50693] [client sourceip] ModSecurity: Access allowed (phase 1). Operator GT matched 0 at ENV. [file "/usr/apache/conf/waf/base.conf"] [line "14"] [id "900000"] [hostname "destinationurl"] [uri "/mapi/emsmdb/"] [unique_id "XGQDhMCosQEAAHxKV3kAAAAA"]
2019:02:13-12:46:12 myutm httpd: id="0299" srcip="sourceip" localip="192.168.177.1" size="0" user="-" host="sourceip" method="POST" statuscode="401" reason="-" extra="-" exceptions="SkipBlacklistDNSRBL, SkipBlacklistGeoIP, SkipAntiVirus, SkipTFT, SkipURLHardening, SkipFormHardening, SkipCookieSigning, SkipThreatsFilter" time="34287" url="/mapi/emsmdb/" server="destinationurl" port="443" query="?MailboxId=58293306-49ed-4ae5-8ff4-21a2a2dcbd40@domain.com" referer="-" cookie="MapiContext=MAPIAAAAAOy/7L7orfXF9Nfl1eTd8MDy3+7f/838xvXB+8j8poW0jLyNtIa0hrSHOBMAAAAAAAA=;MapiRouting=UlVNOjQ4YzgwOGY0LTY1MDQtNGM5NS04MzQ1LTU0MDEzODE5MDZkNDrlxH/RqJHWCA==;MapiSequence=41-drpENg==;X-BackEndCookie=58296706-49ed-4ae5-8ff5-21a2a2dcbd40=u56Lnp2ejJqByMmbz87Ny8fSz8vNm9LLxpnO0p6dx53SnMvHmZnIx87Iy8zHgYHNz87G0s/M0s7Kq87OxcvKxcrI" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="XGQDhMCosQEAAHxKV3kAAAAA"

 

Has anybody an idea what that error means and how to get rid of it?

 

Thank you and best regards,

Johnny

 

Edit: I just wanted to add, that the iPhone sync was running for a couple of years without a problem. If the iPhones are connected to the company wifi (no Sophos between Phones and Exchange) the sync is working. BUT: Even with the Outlook App for iPhones the sync is working outside the company wifi. Very strange.



This thread was automatically locked due to age.
Parents
  • Hi Johnny,

    did you consider that IOS also has bugs in the activesync protocol from time to time? Did your problem start after a certain update of IOS? Does the behavior differ with different versions of IOS?

    Best regards 

    Alex 

    -

  • Hi everyone,

     

    since this thread is nearly a year old, I was able to fix that issue in the meantime.

    The customer was always against autodiscover and so a fan of "security through obscurity".

    But after I configured autodiscover for that customer the iPhones restarted to sync right away.

    I don't get/know why, but it seems that they don't work with Exchange without autodiscover anymore.

     

    Best regards,

    Johnny

Reply
  • Hi everyone,

     

    since this thread is nearly a year old, I was able to fix that issue in the meantime.

    The customer was always against autodiscover and so a fan of "security through obscurity".

    But after I configured autodiscover for that customer the iPhones restarted to sync right away.

    I don't get/know why, but it seems that they don't work with Exchange without autodiscover anymore.

     

    Best regards,

    Johnny

Children
No Data