This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exchange 2013 not working through WAF

I configured WAF for Exchange based on these instructions:  https://sophserv.sophos.com/repo_kb/120454/file/Exchange%20WAF%20How%20to%209%202%20new.pdf

I use an AD CA so all of my certs are self-signed.  I also tried to generate new certs within Sophos UTM and neither is working.

When I go here: https://domain.com/owa, I receive this error:

Request blocked

The web application firewall has blocked access to /owa/auth/logon.aspx for the following reason:

No signature found

Not sure what is going on.  Any ideas?

UTM version is 9.210-20

This thread was automatically locked due to age.

Parents

0 twister5800 over 9 years ago
I think i found out, you have this under exceptions:

Title: exception for OWA
Skip: Static URL Hardening
Virtual Webserver: “Exchange Autodiscover”
for paths:
/ecp/*
/ECP/*
/ews/*
/EWS/*
/Microsoft-Server-ActiveSync*
/oab/*
/OAB/*
/owa/*
/OWA/*
Advanced: Never change HTML during Static URL Hardening or Form Hardening

Shoud it not be:

Virtual Webserver: “Exchange OWA

In the above settings?

It works when I change that :-)
-----

Best regards
Martin

Sophos XGS 2100 @ Home | Sophos v20 Technician
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 twister5800 over 9 years ago
I think i found out, you have this under exceptions:

Title: exception for OWA
Skip: Static URL Hardening
Virtual Webserver: “Exchange Autodiscover”
for paths:
/ecp/*
/ECP/*
/ews/*
/EWS/*
/Microsoft-Server-ActiveSync*
/oab/*
/OAB/*
/owa/*
/OWA/*
Advanced: Never change HTML during Static URL Hardening or Form Hardening

Shoud it not be:

Virtual Webserver: “Exchange OWA

In the above settings?

It works when I change that :-)
-----

Best regards
Martin

Sophos XGS 2100 @ Home | Sophos v20 Technician
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data