
Can't seem to get reverse proxy to work

Hey all, been pulling my hair out trying to do this, and I'm sure it's something simple I'm messing up.  Currently I can get to any of them inside the network using the domain, but anything outside just times out.  The firewall is letting the traffic through, but it seems to get stuck somewhere.  I can ping the subdomains externally.  No output in the web app log either.



Thanks for the help.


  • Hi and welcome to the User BB!

    That all looks good.  Open the Web Application Firewall Live Log, wait 20 seconds, try an access and then show two or three lines here.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Absolutely no external requests even make it to the web application firewall log, but here are some of the internal requests.

    2015:09:12-00:24:39 test reverseproxy: id="0299" srcip="192.168.1.119" localip="72.193.129.183" size="25" user="-" host="192.168.1.119" method="GET" statuscode="401" reason="-" extra="-" exceptions="-" time="2117" url="/" server="nzbget.scacht.com" referer="-" cookie="__utma=101699459.382952291.1438050335.1438050335.1438054331.2; __utmc=101699459; __utmz=101699459.1438050335.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _ga=GA1.2.382952291.1438050335" set-cookie="-"
    
    2015:09:12-00:24:57 test reverseproxy: id="0299" srcip="192.168.1.119" localip="72.193.129.183" size="25" user="-" host="192.168.1.119" method="GET" statuscode="401" reason="-" extra="-" exceptions="-" time="1674" url="/favicon.ico" server="nzbget.scacht.com" referer="http://nzbget.scacht.com/" cookie="__utma=101699459.382952291.1438050335.1438050335.1438054331.2; __utmc=101699459; __utmz=101699459.1438050335.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _ga=GA1.2.382952291.1438050335" set-cookie="-"
    2015:09:12-00:27:41 test reverseproxy: id="0299" srcip="192.168.1.119" localip="72.193.129.183" size="440" user="-" host="192.168.1.119" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="2522" url="/" server="test.scacht.com" referer="-" cookie="__utma=101699459.382952291.1438050335.1438050335.1438054331.2; __utmc=101699459; __utmz=101699459.1438050335.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _ga=GA1.2.382952291.1438050335" set-cookie="-"
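
An added example (not from the thread or from Sophos): a small Python check that splits reverse-proxy log lines in the layout posted above into internal and external sources per virtual server, so it is obvious whether any outside request reached the WAF at all. The sample lines, hostnames and addresses are constructed, and treating the RFC 1918 ranges as "internal" is an assumption.

```python
import ipaddress
import re

# Constructed sample lines in the reverseproxy key="value" layout shown in the
# thread; hostnames are placeholders, public addresses are documentation ranges.
SAMPLE_LOG = '''\
2015:09:12-00:24:39 test reverseproxy: id="0299" srcip="192.168.1.119" localip="203.0.113.10" method="GET" statuscode="401" url="/" server="app.example.com"
2015:09:12-00:27:41 test reverseproxy: id="0299" srcip="192.168.1.119" localip="203.0.113.10" method="GET" statuscode="200" url="/" server="test.example.com"
2015:09:12-00:31:02 test reverseproxy: id="0299" srcip="198.51.100.7" localip="203.0.113.10" method="GET" statuscode="200" url="/" server="test.example.com"
garbage line without fields
'''

# Assumption: "internal" means an RFC 1918 source address.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
FIELD_RE = re.compile(r'(\w[\w-]*)="([^"]*)"')

def parse_line(line):
    """Return the key="value" fields of one reverseproxy line, or None."""
    if " reverseproxy: " not in line:
        return None
    fields = dict(FIELD_RE.findall(line))
    return fields if "srcip" in fields else None

def summarize(log_text):
    """Count requests per virtual server, split by internal/external source."""
    summary = {}
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields is None:
            continue  # not a reverseproxy request line
        try:
            src = ipaddress.ip_address(fields["srcip"])
        except ValueError:
            continue  # malformed source address
        internal = any(src in net for net in INTERNAL_NETS)
        counts = summary.setdefault(fields.get("server", "-"),
                                    {"internal": 0, "external": 0})
        counts["internal" if internal else "external"] += 1
    return summary

if __name__ == "__main__":
    for server, counts in sorted(summarize(SAMPLE_LOG).items()):
        print(server, counts)
```

A server that shows only internal hits while outside clients time out points at something in front of the reverse proxy rather than at the virtual server definition.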
  • If you want to access via the reverse proxy from inside your network, you must put an Additional Address on the Internal interface and create a Virtual Server for that IP address.

    Cheers - Bob

    Sorry for any short responses.  Posted from my iPhone.
     
  • I already can access any of them internally; the issue is I can't access any of them externally (outside my LAN). They appear to make it through the firewall since none of the entries get flagged, but they never make it to the app live log.
  • Are you certain that the server has the UTM as its default gateway?  Any luck with #3, #3.1 and finally #1 in Rulz?

    Cheers - Bob
     
  • Yeah, I'm following all the rules.  Kind of baffling to me.  I wanted to see where the traffic is going, so I made a firewall rule at the top to log all http traffic, and it never gets anything.  Is there something that would get it before the firewall?