Sophos UTM: Decommissioning of obsolete URL categorization services CFFS.Click here for important info.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 1351 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM9 Web Server Protection with Websocket

Costea Adrian

Hi,

I have an internal application, and more specifically MeshCentral and I am using UTM9 since I need to do SNI having just on public IP.

After creating the server and listener in UTM9 with Pass host header and Enable WebSocket passthrough options configured I would expect for my app to work. The thing is that the remote agent (over internet) cannot connect to my internal MeshCentral server. The agent is using websocket wss://fqdn:443.

If I configure my firewall to bypass the UTM9 appliance and direct the 443 traffic directly to the MeshCentral server, then the remote agent pops-up in the console just fine.

With Nginx proxy this is double, but I don't know how to configure the below lines in UTM9

  #Websocket Support
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";

Any ideas?

Thanks,

Am văzut pe interiorI ahve see on the in
Detected language : English


This thread was automatically locked due to age.
Parents
  • 0

    Just wanted to update the post since I have found the issue, and it is not form the UTM, maybe it will help someone.

    The Mesh server checks the hash of the certificate that it issued to the agents, and since the certificate was coming from the UTM proxy it had a different one and the handshake was broken. I had to tell the Mesh server to check the proxy certificate and accept its hash ("certUrl": "">https://domain.com:443"). From here one everything stat working.

    provin de lacoming from
    Detected language : English
Reply
  • 0

    Just wanted to update the post since I have found the issue, and it is not form the UTM, maybe it will help someone.

    The Mesh server checks the hash of the certificate that it issued to the agents, and since the certificate was coming from the UTM proxy it had a different one and the handshake was broken. I had to tell the Mesh server to check the proxy certificate and accept its hash ("certUrl": "">https://domain.com:443"). From here one everything stat working.

    provin de lacoming from
    Detected language : English
Children
No Data
Unfiltered HTML