
UTM9 Web Server Protection with Websocket

Hi,

I have an internal application, more specifically MeshCentral, and I am using UTM9 since I need to do SNI, having just one public IP.

After creating the server and listener in UTM9 with Pass host header and Enable WebSocket passthrough options configured I would expect for my app to work. The thing is that the remote agent (over internet) cannot connect to my internal MeshCentral server. The agent is using websocket wss://fqdn:443.

If I configure my firewall to bypass the UTM9 appliance and direct the 443 traffic directly to the MeshCentral server, then the remote agent pops up in the console just fine.

With an Nginx proxy this is doable, but I don't know how to configure the lines below in UTM9:

  #Websocket Support
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";

Any ideas?

Thanks,



This thread was automatically locked due to age.
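
The Nginx lines quoted in the question exist to forward the HTTP/1.1 `Upgrade` handshake that opens a WebSocket, so one way to test any reverse proxy in front of the server is to send that handshake by hand and check for a valid `101 Switching Protocols` reply. The Python below is an added example, not part of the original post and not Sophos or MeshCentral code; the function names, the default path `/` and the two sample replies are assumptions constructed for illustration.

```python
import base64, hashlib, os, socket, ssl
WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"  # fixed GUID from RFC 6455

def build_upgrade_request(host, path="/", key=None):
    key = key or base64.b64encode(os.urandom(16)).decode()
    lines = [f"GET {path} HTTP/1.1", f"Host: {host}", "Upgrade: websocket",
             "Connection: Upgrade", f"Sec-WebSocket-Key: {key}",
             "Sec-WebSocket-Version: 13", "", ""]
    return "\r\n".join(lines).encode(), key

def expected_accept(key):
    return base64.b64encode(hashlib.sha1((key + WS_GUID).encode()).digest()).decode()

def check_upgrade_response(raw, key):
    """Return the reasons a reply is not a valid WebSocket upgrade (empty = OK)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    status_line, *header_lines = head.split("\r\n")
    parts = status_line.split(" ", 2)
    status = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else 0
    fields = (line.partition(":") for line in header_lines)
    headers = {n.strip().lower(): v.strip() for n, sep, v in fields if sep}
    problems = []
    if status != 101:
        problems.append(f"status {status}, expected 101")
    if headers.get("upgrade", "").lower() != "websocket":
        problems.append("no 'Upgrade: websocket' in reply")
    tokens = [t.strip().lower() for t in headers.get("connection", "").split(",")]
    if "upgrade" not in tokens:
        problems.append("no 'Connection: upgrade' in reply")
    if headers.get("sec-websocket-accept") != expected_accept(key):
        problems.append("Sec-WebSocket-Accept missing or wrong")
    return problems

def probe(host, port=443, path="/"):
    request, key = build_upgrade_request(host, path)
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=10) as tcp:
        with ctx.wrap_socket(tcp, server_hostname=host) as tls:  # server_hostname sets SNI
            tls.sendall(request)
            raw = b""
            while b"\r\n\r\n" not in raw and (chunk := tls.recv(4096)):
                raw += chunk
    return check_upgrade_response(raw, key)

# Constructed sample replies, not captured from a real UTM or MeshCentral server.
SAMPLE_KEY = "dGhlIHNhbXBsZSBub25jZQ=="  # example nonce from RFC 6455
PASSED = (b"HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nConnection: Upgrade\r\n"
          b"Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=\r\n\r\n")
STRIPPED = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>"
```

Running `probe()` once against the public FQDN and once directly against the internal server shows whether the two paths answer the same handshake differently.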
  • Hello Adrian,

    Please insert pictures of the Edits of the Virtual and Real Server definitions.  Also, copy here the lines from the Webserver log when this access is not allowed.

    Does Karlos suggestion help?

    If you have a paid subscription, please open a support ticket and share here what Sophos has to say about this issue which I thought was fixed last year.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Thanks for getting by.

    After more investigation I kind of have the feeling the problem is not in the UTM9 proxy because if I disconnect the internal server network adapter and restart the remote agent in order to force it to reconnect, I can see in the UTM logs that the proxy module is trying to forward the agent request to the server's internal IP but it fails (since it is disconnected).

    If I connect the adapter back and restart the remote agent again, I see nothing in the logs even though I should still have some pass lines here, but it is empty.

    Unfortunately I cannot upload the images here that I have taken from the UTM, I keep getting an empty box during upload, but I have uploaded them here https://imgur.com/a/g5JELbw

    Let me know your thoughts,

    Adrian
