I did have WAF set up for my single Exchange 2013 server successfully for ages, but my UTM rebooted and lost the Interface config so i had to reinstall. I followed the Sophos KB article for setting up Exchange in WAF again and Im pretty sure I set it the same as before. My exchange IIS has a wildcard cert on it and i uploaded the wildcard cert pfx on to the UTM to use in the WAF rules. I had it all set up but couldnt access anything on exchange externally, so i decided to delete everything and just set up OWA to get it working then add the others, but i still cannot get it to work.
Im using the WAF Live log while attempting to access my OWA to try and see whats wrong but it doesnt appear to be getting through? Should setting up the WAF create auto Firewall rules in network protection Firewall?
This is what i get in my WAF log: -
2015:08:10-16:26:25 sophosutm reverseproxy: [Mon Aug 10 16:26:25.354340 2015] [core:warn] [pid 7985:tid 4147455680] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
2015:08:10-16:26:25 sophosutm reverseproxy: AH00112: Warning: DocumentRoot [/var/www/REF_RevFroOwa] does not exist
2015:08:10-16:26:25 sophosutm reverseproxy: [Mon Aug 10 16:26:25.405997 2015] [ssl:warn] [pid 7985:tid 4147455680] AH01909: bdmexc01.bdm.local:443:0 server certificate does NOT include an ID which matches the server name
2015:08:10-16:26:26 sophosutm reverseproxy: [Mon Aug 10 16:26:26.000914 2015] [mpm_worker:notice] [pid 7985:tid 4147455680] AH00292: Apache/2.4.10 (Unix) OpenSSL/1.0.1k configured -- resuming normal operations
2015:08:10-16:26:26 sophosutm reverseproxy: [Mon Aug 10 16:26:26.000949 2015] [core:notice] [pid 7985:tid 4147455680] AH00094: Command line: '/usr/apache/bin/httpd'
2015:08:10-16:26:26 sophosutm reverseproxy: [Mon Aug 10 16:26:26.000982 2015] [mpm_worker:warn] [pid 7985:tid 4147455680] AH00291: long lost child came home! (pid 26435)
2015:08:10-16:26:26 sophosutm reverseproxy: [Mon Aug 10 16:26:26.000998 2015] [mpm_worker:warn] [pid 7985:tid 4147455680] AH00291: long lost child came home! (pid 26444)
2015:08:10-16:28:58 sophosutm reverseproxy: [Mon Aug 10 16:28:58.876409 2015] [url_hardening:error] [pid 26893:tid 4122778480] [client 66.208.124.99:60662] Hostname in HTTP request (77.107.146.211) does not match the server name (REF_RevFroOwa_redirect_ssl)
2015:08:10-16:28:58 sophosutm reverseproxy: id="0299" srcip="66.208.124.99" localip="77.107.146.211" size="229" user="-" host="66.208.124.99" method="GET" statuscode="403" reason="-" extra="-" exceptions="-" time="653" url="/CFIDE/administrator/" server="REF_RevFroOwa_redirect_ssl" referer="-" cookie="-" set-cookie="-"
2015:08:10-16:52:42 sophosutm reverseproxy: id="0299" srcip="127.0.0.1" localip="127.0.0.1" size="109" user="-" host="127.0.0.1" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="633" url="/lb-status" server="localhost" referer="-" cookie="-" set-cookie="-"
Any ideas?
Thanks
JK
This thread was automatically locked due to age.