This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Proxy protocol support and Firewall

We're running Sophos UTM 9.x in AWS and enabled Proxy Protocol support in the WAF. We've also enabled proxy protocol support in the HAproxy instances sitting in front of the UTM. We can see the source IP addresses in the WAF log but not in the Firewall log. We were expecting the source IP address would also be visible in the Firewall log since we have already enabled proxy protocol support. What steps are we missing? Thank you.

This thread was automatically locked due to age.
  • You can try this way-

    Navigate to Tools > Options >, then select the Advanced tab. On the Network tab (usually selected by default), click Settings. The Connection Settings dialog box shows whether the browser is configured to connect to a proxy server. Make a note of the proxy settings.

    I hope this will help

    best Regards

  • Sorry, is this in the Sophos GUI or the browser? The issue is with Sophos being able to "see" the source IP address coming in from one of its interfaces if it's sitting behind a proxy server, in this instance an HAProxy server, and then doing actions (e.g. allow, deny) in DNAT or some other mechanism.

  • I don't see an "(Address)" object anywhere.  Check #4 in the Rulz link above.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply Children