please, I am pulling my hairs here.
I am trying to configure WAF for WAYK Bastion. It is set up as localhost:4000 internally, and https://den.company.com (443) externally on the WAF.
My problem is that when I access https://den.company.com, the URL is being converted to https://ip-address:4000 , and the access is denied via browser due to missing certificate. WAF should be the only one doing the TLS and not changing the URL.
In the WAF I don't have much set: virtual server is set to https://den.company.com with the Let's Encrypt certificate. I tried both HTTPs and HTTPs & Redirect. Firewall Profile is empty and set to Monitor.
I am at first trying to prevent the URL conversion. Sounds stupid, but none of my other WAF connections, including RDS or monitoring software we use, don't do that.
Is this on the webserver side or due to bad configuration on the firewall?
For anyone trying to set it up, on the Sophos I had to:
Check Pass Host Header (which enabled the correct website calling over the FQDN)
Enable HTTPS with Redirection
Firewall Profil currently empty, but I will work on this
Site Path Routing: