This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with WAF, Blocked content

Hello,

i have configured a WAF to publish a internal website.

The front-end authentication works fine. The forwarding the the internal website works also :).

But now the problem, after login i dont see any frames, it looks like that some content is blocked. From my point of few its a java application.

Attached the log file from login:

Browser Debug:


Live Log: Web Application Firewall    
Filter:    
217.6.XXX.XXX
    Autoscroll    
Reload
2020:01:23-12:42:48 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="1271" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="35323" url="/" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="-" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2ZW5fbmFtZSI6Ik9sZ2EiLCJmYW1pbHlfbmFtZSI6IkJlbmFyaW8iLCJVc2VyR3JvdXBJZCI6IjEiLCJVc2VySWQiOiI0NjkiLCJFbXBsb3
2020:01:23-12:42:48 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="11895" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="36330" url="/styles.675eb281ab19659e7c6a.css" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2ZW5fbmFtZSI6Ik9sZ2EiLCJmYW1pbHl
2020:01:23-12:42:48 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="712" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="37238" url="/runtime.9e46f86c4d4470dd5413.js" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2ZW5fbmFtZSI6Ik9sZ2EiLCJmYW1pbHl
2020:01:23-12:42:48 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="1230" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="41922" url="/scripts.da1aa7a19dc525bdaee5.js" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2ZW5fbmFtZSI6Ik9sZ2EiLCJmYW1p
2020:01:23-12:42:48 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="41118" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="61511" url="/polyfills.8c24ef4ae3f4f8aca444.js" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2ZW5fbmFtZSI6Ik9sZ2EiLCJ
2020:01:23-12:42:49 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="1560449" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="676609" url="/main.e2312433d5ae498c0aac.js" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2ZW5fbmFtZSI6Ik9sZ2EiLCJ
2020:01:23-12:42:50 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="1158" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="32513" url="/assets/icons/apple-touch-icon.png" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="-" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2ZW5fbmFtZSI6Ik9sZ2EiLCJmYW1pbHlfbmFtZSI6IkJlbmFyaW8iLCJVc2VyR3Jv
2020:01:23-12:42:50 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="128" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="442" reason="-" extra="-" exceptions="-" time="30160" url="/api/selfservice/v1/user/settings" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="?nonce=1579779770705" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2ZW
2020:01:23-12:42:50 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="128" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="442" reason="-" extra="-" exceptions="-" time="30660" url="/api/selfservice/v1/user/image" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="?nonce=1579779770709" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2ZW5fb
2020:01:23-12:42:50 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="1193" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="27546" url="/assets/images/cx_logo_small.png" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2ZW5fbmFtZSI6Ik9sZ2EiLC
2020:01:23-12:42:50 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="128" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="442" reason="-" extra="-" exceptions="-" time="53180" url="/api/selfservice/v1/notifications/" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="?nonce=1579779770806" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2Z
2020:01:23-12:42:50 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="128" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="442" reason="-" extra="-" exceptions="-" time="28747" url="/api/selfservice/v1/antraege/aktuell/" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="?nonce=1579779770865" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiw
2020:01:23-12:42:50 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="128" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="442" reason="-" extra="-" exceptions="-" time="33541" url="/api/selfservice/v1/fortbildungen/anmeldungen/bearbeitet" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="?nonce=1579779770866" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1l
2020:01:23-12:42:50 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="0" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="403" reason="-" extra="-" exceptions="-" time="36440" url="/api/selfservice/v1/dashboard/dienste" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="?nonce=1579779770873" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ
2020:01:23-12:42:50 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="128" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="442" reason="-" extra="-" exceptions="-" time="36208" url="/api/selfservice/v1/zeitprotokoll/zeiten/neueste" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="?nonce=1579779770874" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJ
2020:01:23-12:42:50 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="1285" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="404" reason="-" extra="-" exceptions="-" time="28667" url="/MaterialIcons-Regular.570eb83859dc23dd0eec.woff2" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwiZ2l2
2020:01:23-12:42:51 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="0" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="403" reason="-" extra="-" exceptions="-" time="33585" url="/api/selfservice/v1/dashboard/urlaub" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="?nonce=1579779770875" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiw
2020:01:23-12:42:51 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="0" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="403" reason="-" extra="-" exceptions="-" time="31469" url="/api/selfservice/v1/dashboard/konten" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="?nonce=1579779770876" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvI
2020:01:23-12:42:51 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="1285" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="404" reason="-" extra="-" exceptions="-" time="30209" url="/MaterialIcons-Regular.012cf6a10129e2275d79.woff" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="selfservice.CUSTOMER_XXX:4443/" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJCZW5hcmlvIiwi
2020:01:23-12:42:51 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="1285" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="404" reason="-" extra="-" exceptions="-" time="30687" url="/MaterialIcons-Regular.570eb83859dc23dd0eec.woff2" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="selfservice.CUSTOMER_XXX:4443/styles.675eb281ab19659e7c6a.css" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6I
2020:01:23-12:42:51 customer-sophos-1 httpd: id="0299" srcip="217.6.XXX.XXX" localip="195.50.XXX.XXX" size="1285" user="LOGIN_USER_TEST" host="217.6.XXX.XXX" method="GET" statuscode="404" reason="-" extra="-" exceptions="-" time="30736" url="/MaterialIcons-Regular.012cf6a10129e2275d79.woff" server="selfservice.CUSTOMER_XXX:4443" port="4443" query="" referer="selfservice.CUSTOMER_XXX:4443/styles.675eb281ab19659e7c6a.css" cookie="Auth-Token-SelfService=eyJhbGciOiJIUzI1NiIsInR5cCI6Ik

 

 

Konfig:



This thread was automatically locked due to age.
Parents
  • Hallo Andre and welcome to the UTM Community!

    Port 4443 is reserved in UTM for use by the Sophos UTM Manager (SUM) package.  What happens when you change the port?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hallo Andre and welcome to the UTM Community!

    Port 4443 is reserved in UTM for use by the Sophos UTM Manager (SUM) package.  What happens when you change the port?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children