I'm attempting to set up Sophos UTM as Webserver protection, right now behind a different firewall, and running into issues. Looking at Sophos I may just use it as the main firewall in the future, but for now it has to be behind another as reverse proxy.
Main firewall - 10.1.1.9
Sophos - one NIC (I think as bridge mode?), 10.1.1.8
Webserver - 10.1.1.16
I have the main firewall forwarding port 80 traffic to Sophos.
In Sophos I've set up the real and virtual webservers. I have Pass host header enabled in the virtual web server. In Network Protection I've set up a firewall rule allowing port 80 traffic from any source to the Internal network.
At present I have no NATs set up as some of the documentation I was reading said NATs would effectively bypass the Webserver Protection.
On the webserver I've set up Sophos as Trusted Proxy, mostly so the real IPs will come through.
On Sophos I do see web traffic coming into the box, but the websites do not come up. I don't see the web traffic in the access or error logs of the webserver. I haven't done any network sniffing yet to see if they are getting there. The live web server protection logs don't show any sort of logging to indicate traffic.
Can anyone point me in the right direction, some documentation or how-tos? I'm stuck. I appreciate any help.
This thread was automatically locked due to age.