Thread Info
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Webserver Protection won't work.

traxxus_01
Hi

I'm trying to use the Webserver Protection on Sophos UTM v9.105-9.
I'm using an dyndns address.
I have added an real webserver and an virtual webserver. In my eyes everything is ok.

But the thing isn't working. 

I also got no entries in live log and no entries in the Logging & Reporting section. Every graph is emtpy.


This thread was automatically locked due to age.
  • 0
    there are some ping websites that can help you
    try to ping youraccount.dyndns.org
    Seems that nothing cames to your wan
    • 0
      But i can access the website from outside without problems.
      There is a DNAT rule for Port 80 which point directly to the webserver.
      • 0
        Traxxus, it's what I call Rule #2:

        In general, a packet arriving at an interface is handled only by one of the following, in order:
        DNATs first, then VPNs and Proxies and, finally, manual Routes and Firewall rules.


        So, you must disable your DNAT to allow the Proxy to see the traffic.

        Cheers - Bob
         
        Sophos UTM Community Moderator
        Sophos Certified Architect - UTM
        Sophos Certified Engineer - XG
        Gold Solution Partner since 2005
        MediaSoft, Inc. USA
        • 0 in reply to BAlfson
          Hi 

          Thank you for the input.
          I have now disabled the DNAT rule and created an Firewall rule to open port 80 to the webserver.

          I see now activity on the logs, but the website deliver just half of content (no css files etc.) [:S]
        • 0
          You do not need a firewall rule either! Just configure the Webserver Protection.

          For your poblem with half loading sites: have a look at the Webserver protection log file. It will eventually tell you the reason. You then can define an exception for the affected rule.
          You might also post your log here so we can have a look at it...

          ----------
          Sophos user, admin and reseller.
          Private Setup:

          • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
          • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
        • 0
          Bob, thanks for mentioning Rule #2!

          Just out of curiosity, what's Rule #1?


          See Ya!
          Van
          • 0
            Just search the forum, you will find several rules... [:)]
            You might try Google with "balfson rule site:astaro.org", it works better than the internal forum search.

            ----------
            Sophos user, admin and reseller.
            Private Setup:

            • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
            • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
            • 0
              Thanks, SK!

              So far, I have eight rules about common issues.  Do two googles site:astaro.org "what i call rule #" "Cheers - Bob" and site:astaro.org "zeroeth rule" "cheers - Bob"

              Cheers - Bob
               
              Sophos UTM Community Moderator
              Sophos Certified Architect - UTM
              Sophos Certified Engineer - XG
              Gold Solution Partner since 2005
              MediaSoft, Inc. USA
              • 0 in reply to BAlfson
                Thanks, SK!

                So far, I have eight rules about common issues.  Do two googles site:astaro.org "what i call rule #" "Cheers - Bob" and site:astaro.org "zeroeth rule" "cheers - Bob"

                Cheers - Bob


                Using these two searches I found 0, 1, 2, 3, 4 and 6.
                Seems like i'm not able to find 5 and 7.
                Anyone a better googler than I am?

                Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

              • 0
                OK, several people have asked for this, so: https://community.sophos.com/products/unified-threat-management/astaroorg/f/51/t/22065

                Cheers - Bob
                 
                Sophos UTM Community Moderator
                Sophos Certified Architect - UTM
                Sophos Certified Engineer - XG
                Gold Solution Partner since 2005
                MediaSoft, Inc. USA
                Unfiltered HTML