Customers might be unable to connect with us via the Sophos Malaysia Support Hotline number. Our teams are actively working on a fix. In the interim, we request customers to use the backup hotline number - +65 3157 5922 (Singapore) or raise a support request at https://support.sophos.com/.

Help us enhance your Sophos Community experience. Share your thoughts in our Sophos Community survey.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 12 replies
  • Subscribers 2 subscribers
  • Views 27940 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Webserver protection vs Firewall nat rules

nf
I was only successful using the webserver protection option to setup an internal webserver with its own external static ip address. For some reason using various NAT rules/firewall rules I couldn't succeed. Very basic setup, is that the only way to setup webservers?

my example:  firewall external  ip address  xx.***.***.5
webserver via external:  xx.***.***.6
used dnat rules to take traffic from any, using http, to external (.6) change dest to internal webserver, service to http

also, noticed that using webserver protection doesn't create any firewall rules?


This thread was automatically locked due to age.
  • 0 in reply to BAlfson

    I have configured at least 5 different waf sites, and had to use different protection settings for each one.   Some sites have been unable to use rigid filtering at all.  I dont think form signing or cookie signing have ever worked for me.   It has been a trial and error process each time.  During the sales cycle, I came to expect WAF to be fully automatic, but that has not been my experience, and support has always acted as if trial-and-error is normal.  Nothing was ever escalated to development.

    To ensure trusted traffic, I configure WAF on an internal IP addtess, then edit my Hosts file to point a test pc at the waf site.   I can use live log (on a second PC) to capture the traffic as it occurs, or download the logs after the fact.

  • 0 in reply to DouglasFoster

    Good information again, Doug.

    When I said "developers," I was talking about the people coding the website behind WAF, not the Sophos devs.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML