How to Pass all HTTP Headers (SecuritySpy iOS app) - repost

Question

Reposting as this is still an issue for us. 
 We run the Security Spy software for our security cameras. I've put it behind the WAF, and it works accessing it via a web browser. 
 They have an iOS app which does not work when the server is behind the WAF. 
 Turned off the virtual web server's Firewall Profile so it should not be blocking anything. 
 The developer of the Security Spy software said, " The problem is that SecuritySpy passes a custom HTTP header to the app to identify itself. This is apparently not getting passed through by your proxy. Normally there would be a configuration option in the proxy to pass all HTTP headers, and this typically solves this problem - does your Sophos device have such an option?" 
 " it seems like the proxy potentially does quite a lot of editing to the data as it passes through." 
 I just can't get this to work. 
 
 Any

Amodin · Accepted Answer

Are you forwarding the ports for the app? I use Milestone Systems for my six Reolink cameras, and I have an HTTP/S ports that I can designate on the server. Even though I use WAF, I still have to port forward the HTTP/S ports I am using to use the phone app, but I also have to create the NAT rule for it to be accessible outside the network.

OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
(Former Sophos UTM Veteran, Former XG Rookie)

How to Pass all HTTP Headers (SecuritySpy iOS app) - repost

Top Replies