Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 18073 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exchange 2013 not working through WAF

cstanley
I configured WAF for Exchange based on these instructions:  https://sophserv.sophos.com/repo_kb/120454/file/Exchange%20WAF%20How%20to%209%202%20new.pdf

I use an AD CA so all of my certs are self-signed.  I also tried to generate new certs within Sophos UTM and neither is working.

When I go here: https://domain.com/owa, I receive this error:

Request blocked

The web application firewall has blocked access to /owa/auth/logon.aspx for the following reason:

No signature found

Not sure what is going on.  Any ideas?

UTM version is 9.210-20


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Nemo
    Secure Exchange Webservices with Sophos UTM WAF | Network Guy 
    i wrote a working tutorial, it's working with Exchange 2013


    Thanks for doing a great job writing this [:)] - I have tested it out, just tried to fetch mail from my phone, but I get an error and the WAF logs shows this:

    [HTML]2015:07:15-20:55:31 mail-2 reverseproxy: id="0299" srcip="***.***.***.***" localip="YYY.YYY.YYY.YYY" size="224" user="-" host="***.***.***.***" method="POST" statuscode="403" reason="url hardening" extra="No signature found" exceptions="-" time="17581" url="/Microsoft-Server-ActiveSync" server="mail.domain.dk" referer="-" cookie="-" set-cookie="-"
    2015:07:15-20:55:33 mail-2 reverseproxy: [Wed Jul 15 20:55:33.101627 2015] [url_hardening:error] [pid 30052:tid 4071471984] [client ***.***.***.***:34964] No signature found, URI: https://mail.domain.dk/Microsoft-Server-ActiveSync?User=user&DeviceId=2LHJU5HQL16VH1FBOBAA7I9U00&DeviceType=iPhone&Cmd=Ping
    2015:07:15-20:55:33 mail-2 reverseproxy: [Wed Jul 15 20:55:33.102686 2015] [cookie:error] [pid 30052:tid 4071471984] [client ***.***.***.***:34964] No signature found, cookie: X-BackEndCookie
    2015:07:15-20:55:33 mail-2 reverseproxy: [Wed Jul 15 20:55:33.102703 2015] [cookie:warn] [pid 30052:tid 4071471984] [client ***.***.***.***:34964] Dropping cookie 'X-BackEndCookie' from request due to missing/invalid signature
    2015:07:15-20:55:33 mail-2 reverseproxy: [Wed Jul 15 20:55:33.102712 2015] [cookie:error] [pid 30052:tid 4071471984] [client ***.***.***.***:34964] No signature found, cookie: ClientId
    2015:07:15-20:55:33 mail-2 reverseproxy: [Wed Jul 15 20:55:33.102715 2015] [cookie:warn] [pid 30052:tid 4071471984] [client ***.***.***.***:34964] Dropping cookie 'ClientId' from request due to missing/invalid signature
    2015:07:15-20:55:33 mail-2 reverseproxy: id="0299" srcip="***.***.***.***" localip="YYY.YYY.YYY.YYY" size="224" user="-" host="***.***.***.***" method="POST" statuscode="403" reason="url hardening" extra="No signature found" exceptions="-" time="16525" url="/Microsoft-Server-ActiveSync" server="mail.domain.dk" referer="-" cookie="-" set-cookie="-"
    2015:07:15-20:56:12 mail-2 reverseproxy: [Wed Jul 15 20:56:12.017871 2015] [url_hardening:error] [pid 30052:tid 4063079280] [client ***.***.***.***:33675] No signature found, URI: https://mail.domain.dk/Microsoft-Server-ActiveSync?User=user&DeviceId=2LHJU5HQL16VH1FBOBAA7I9U00&DeviceType=iPhone&Cmd=Ping
    2015[/HTML]

    Any advise?

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Technician

Unfiltered HTML