Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 20 replies
  • Subscribers 2 subscribers
  • Views 49837 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Application Firewall - Real webserver "in error"

thenetstriker
I' am trying to setup an Web Application Firewall on my Sophos UTM 9. I've configured some real webservers and one virtual webserver. In the virtual webserver on the left always appears an icon that says "in error". I get nothing in the logs. What could cause this problem?


This thread was automatically locked due to age.
  • 0
    I guess I don't see the "in error" message you described.  Are you talking about the Real Server with the yellow dot?  Can you reach the Real Server via the Virtual Server?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Yes I am talking about this yellow dot. When I put the mouse on the dot a context menu appears containing the message "in error". I am able to open the real webserver page over the HTML 5 VPN Portal if that is what you mean.
  • 0
    Well, for example, our webserver is hosted externally.  There's a yellow dot, just like in your picture, but access via the Virtual Server in our office UTM is not a problem.  I guessed that the issue was just one of ping time - what is the ping time from your UTM to the UBUNTU server?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Ping is about 1 ms:
    64 bytes from 172.17.2.17: icmp_seq=1 ttl=64 time=0.987 ms
    64 bytes from 172.17.2.17: icmp_seq=2 ttl=64 time=1.12 ms
    64 bytes from 172.17.2.17: icmp_seq=3 ttl=64 time=0.882 ms
    64 bytes from 172.17.2.17: icmp_seq=4 ttl=64 time=1.02 ms
    64 bytes from 172.17.2.17: icmp_seq=5 ttl=64 time=0.921 ms
  • 0
    Please confirm that the Host definition for UBUNTU is not bound to a specific interface, that it has 'Interface: >'.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Yes, the host definition of UBUNTU has set  on the interface definition and has set type "Host".
  • 0
    Hi,
    I solved this problem, when I change the real webserver definition to the host IP address and not used the DNS name resolution.
  • 0
    I've also configured the ip address instead of dns and it doesn't work.
  • 0
    Hi thenetstriker.

    Have you found any solution?
    I'm having the same problem.
  • 0

    I ran into this after a power failure at my house.  For some reason, it would not bind port 80 to my IPv6 address:

    # /var/mdw/scripts/reverseproxy restart
    :: Restarting reverseproxy
    reverseproxy not running
    :: Starting reverseproxy
    [Thu Jun 01 12:35:00.997875 2017] [core:warn] [pid 3973:tid 1435722960] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
    [Thu Jun 01 12:35:00.997986 2017] [core:warn] [pid 3973:tid 1435722960] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
    [Thu Jun 01 12:35:01.000681 2017] [core:warn] [pid 3973:tid 1435722960] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
    [Thu Jun 01 12:35:01.000718 2017] [core:warn] [pid 3973:tid 1435722960] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
    AH00112: Warning: DocumentRoot [/var/www/REF_RevFroCcsweb01] does not exist
    AH00112: Warning: DocumentRoot [/var/www/REF_RevFroCcsweb01] does not exist
    (99)Cannot assign requested address: AH00072: make_sock: could not bind to address [2606:6000:5fc0:5:44bd:ad76:3adc:27bd]:80
    no listening sockets available, shutting down
    AH00015: Unable to open logs

     

    I was able to work around this by disabling IPv6 temporarily, then restarting the reverseproxy service again.

    Has anyone else seen this?

Unfiltered HTML