Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 2 subscribers
  • Views 22189 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem publishing internal http Server with https

para el mundo
Hi Forum

I`m new to Sophos UTM and want to publish a internal Ticket Port to our external customers.

The problem is: The internal Server is http only and we want to secure the external traffic with https.

So I created a Real Webserver say:

ticket.int.local, plain http, Port 8080

Next I created a Firewall-Profile, with all Checks disabeld (to start testing)

At last I created the Virtual Webserver:
ticket.external.de, https, Port 443

After this I browse to the https://ticket.external.de.
The Login-Page is loading, and I could login to the server.
After the login, all links in the ticket portal won`t work.

If we check the links, their all point to the internal servername http://ticket.int.local:8080 instead of https://ticket.external.de

If I activated "Pass host header" in the virtual web server, all links change to:
external.de (but not to https://ticket.external.de)


What ist the correct way to make this work?


Here`s the vendors solution to this problem: 
"Behind Proxy

RestAPI can be hidden behind proxy server.



Apache configuration

Apache server has to have enabled proxy and headers modules. You can enable them using command a2enmod

a2enmod proxy

a2enmod headers

Apache configuration (version at least 2.2.4)



ProxyPass        /proxy  http://restapi:8888/restapi

ProxyPassReverse /proxy  http://restapi:8888/restapi



RequestHeader append x-forwarded-path "proxy"

RequestHeader append x-forwarded-scheme "https" #optional, only for https-request to /proxy

Header edit Set-Cookie "^(.*; Path=)(.*)" $1/proxy



Note that, apart from headers which are set by the proxy module (httpd.apache.org/.../mod_proxy.html.

x-forwarded-path - path which is mapped to remote server.

x-forwarded-scheme - scheme used by caller in communication with proxy server (http, https) (since 6.7.3)

Consider the following scenario:

client -> https[:P]roxy server -> http:cmas server

x-forwarded-scheme "https" - will inform restapi that the client uses https scheme (note, communication between proxy and restapi is done in http!) thus the generated document will have links with https at the beginning.

If you use the same scheme to communication client -> proxy and proxy -> restapi, x-forwarded-scheme is redundant.

Both above headers are needed to contruct correct links in the generated documents."


This thread was automatically locked due to age.
  • 0
    Hi,

    enable 'Rewrite HTML' in the Advanced section of the Virtual Webserver.

    The real webserver must point to the DNS host 'ticket.int.local'. It won't work if the real webserver only points to the IP address.

    Sabine
  • 0 in reply to Evianne
    Hi,

    enable 'Rewrite HTML' in the Advanced section of the Virtual Webserver.

    The real webserver must point to the DNS host 'ticket.int.local'. It won't work if the real webserver only points to the IP address.

    Sabine


    Hi Sabine,

    thank you for your help.

    Internal.local is a DNS-Host-Object. Name Resolution works if I check this with "mouse-over"-

    We already tried "Rewrite HTML". (In combination with "rewrite cookies" activated or deactivated")

    After activation this happens:
    From External:
    - Right after the Login we get a 403 access denied from the jboss running on internal.local webserver.

    From Interal:
    After the Login the webbrowser opens, we get a secound login page from the browser which asks for user and passwort for interal.local.
    Ignoring this, we geht the page. But all Links, Pictures... point to http://internal.local:8080/...

    The Html-Code was not rewritten.

    I attached the corresponding Live-Log 

    2015:10:20-09:17:17 utm-1 reverseproxy: id="0299" srcip="80.81.20.10" localip="0.0.0.0" size="85" user="-" host="80.81.20.10" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="5474" url="/restapi/echo/client" server="ticket.external.de" referer="https://ticket.external.de/cm-track/" cookie="JSESSIONID=NYmUkaXg43GiRYW27nBxK8NB; __utma=246494743.39257984.1409036391.1444225498.1444648215.4; __utmz=246494743.1444225498.3.1.utmcsr=forum.external.de|utmccn=(referral)|utmcmd=referral|utmcct=/activity.php; bb_lastvisit=1444225595; bb_lastactivity=0" set-cookie="-"

    2015:10:20-09:17:17 utm-1 reverseproxy: id="0299" srcip="80.81.20.10" localip="0.0.0.0" size="0" user="-" host="80.81.20.10" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="9171" url="/restapi/is_logged_in" server="ticket.baramundi.de" referer="https://ticket.external.de/cm-track/" cookie="JSESSIONID=NYmUkaXg43GiRYW27nBxK8NB; __utma=246494743.39257984.1409036391.1444225498.1444648215.4; __utmz=246494743.1444225498.3.1.utmcsr=forum.external.de|utmccn=(referral)|utmcmd=referral|utmcct=/activity.php; bb_lastvisit=1444225595; bb_lastactivity=0" set-cookie="-"

    2015:10:20-09:17:17 utm-1 reverseproxy: id="0299" srcip="80.81.20.10" localip="0.0.0.0" size="0" user="-" host="80.81.20.10" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="10797" url="/restapi/is_logged_in" server="ticket.baramundi.de" referer="https://ticket.external.de/cm-track/#track=tickets/case-my" cookie="JSESSIONID=NYmUkaXg43GiRYW27nBxK8NB; __utma=246494743.39257984.1409036391.1444225498.1444648215.4; __utmz=246494743.1444225498.3.1.utmcsr=forum.external.de|utmccn=(referral)|utmcmd=referral|utmcct=/activity.php; bb_lastvisit=1444225595; bb_lastactivity=0" set-cookie="-"

    2015:10:20-09:17:17 utm-1 reverseproxy: id="0299" srcip="80.81.20.10" localip="0.0.0.0" size="5326" user="-" host="80.81.20.10" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="200451" url="/restapi/tickets.json/" server="ticket.baramundi.de" referer="https://ticket.external.de/cm-track/#track=tickets/case-my" cookie="JSESSIONID=NYmUkaXg43GiRYW27nBxK8NB; __utma=246494743.39257984.1409036391.1444225498.1444648215.4; __utmz=246494743.1444225498.3.1.utmcsr=forum.external.de|utmccn=(referral)|utmcmd=referral|utmcct=/activity.php; bb_lastvisit=1444225595; bb_lastactivity=0" set-cookie="-"

    2015:10:20-09:17:18 utm-1 reverseproxy: id="0299" srcip="80.81.20.10" localip="0.0.0.0" size="975" user="-" host="80.81.20.10" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="103753" url="/restapi/user/session" server="ticket.baramundi.de" referer="https://ticket.external.de/cm-track/#track=tickets/case-my" cookie="JSESSIONID=NYmUkaXg43GiRYW27nBxK8NB; __utma=246494743.39257984.1409036391.1444225498.1444648215.4; __utmz=246494743.1444225498.3.1.utmcsr=forum.external.de|utmccn=(referral)|utmcmd=referral|utmcct=/activity.php; bb_lastvisit=1444225595; bb_lastactivity=0" set-cookie="-"

    2015:10:20-09:17:18 utm-1 reverseproxy: id="0299" srcip="80.81.20.10" localip="0.0.0.0" size="4" user="-" host="80.81.20.10" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="43763" url="/restapi/queues.json" server="ticket.external.de" referer="https://ticket.external.de/cm-track/#track=tickets/case-my" cookie="JSESSIONID=NYmUkaXg43GiRYW27nBxK8NB; __utma=246494743.39257984.1409036391.1444225498.1444648215.4; __utmz=246494743.1444225498.3.1.utmcsr=forum.external.de|utmccn=(referral)|utmcmd=referral|utmcct=/activity.php; bb_lastvisit=1444225595; bb_lastactivity=0" set-cookie="-"
  • 0 in reply to para el mundo
    Could you please post the log lines when HTML rewriting is enabled?
  • 0 in reply to Evianne
    Could you please post the log lines when HTML rewriting is enabled?


    HI,

    sure.
    First of all: With HTML rewrite and Cookie-Rewrite only, the Webpage won`t let me login (also the "Login" button is changed from "Login" to "".
    We  could only login if we activate "pass host header" ONLY!

    Here are the Log-Files with "Rewrite HTML " only

    Page Load: 
    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="489" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="4237" url="/cm-track/" server="ticket.external.de" referer="-" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="4738" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="4910" url="/cm-track/css/cmtrack-all.css" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="2387" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="4718" url="/cm-track/js/jquery/jquery.ba-bbq.min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="731" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="4134" url="/cm-track/js/jquery/backfix.min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="3291" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="3177" url="/cm-track/js/jquery/jquery.blockUI-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="6494" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="5310" url="/cm-track/js/jquery/jquery.validate-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="5030" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="3187" url="/cm-track/js/jquery/jquery.form-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="1365" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="6070" url="/cm-track/js/jquery/jquery.xml2json-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="6008" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="4823" url="/cm-track/js/cmtrack.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="154" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="4035" url="/cm-track/js/layout.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="33086" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="55686" url="/cm-track/js/jquery/jquery-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="29382" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="47746" url="/cm-track/cmtracklib-all.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="98" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="5192" url="/restapi/echo/client" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:06:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="428" user="-" host="80.187.103.104" method="GET" statuscode="401" reason="-" extra="-" exceptions="-" time="5543" url="/restapi/is_logged_in" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"


    After click on login: 
    2015:10:22-10:07:15 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="435" user="-" host="80.187.103.104" method="POST" statuscode="403" reason="-" extra="-" exceptions="-" time="134537" url="/restapi/login.json" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:07:15 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="275" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="6372" url="/cm-track/error-message.html" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"


    Same procedure with Rewrite HTML & Rewrite Cookies_

    Page Loaed: 
    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="489" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="5306" url="/cm-track/" server="ticket.external.de" referer="-" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="4738" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="6727" url="/cm-track/css/cmtrack-all.css" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="2387" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="5863" url="/cm-track/js/jquery/jquery.ba-bbq.min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="3291" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="4868" url="/cm-track/js/jquery/jquery.blockUI-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="731" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="8039" url="/cm-track/js/jquery/backfix.min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="5030" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="3624" url="/cm-track/js/jquery/jquery.form-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="1365" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="2337" url="/cm-track/js/jquery/jquery.xml2json-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="6494" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="10142" url="/cm-track/js/jquery/jquery.validate-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="6008" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="6966" url="/cm-track/js/cmtrack.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="33139" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="46681" url="/cm-track/js/jquery/jquery-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="154" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="19217" url="/cm-track/js/layout.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="29382" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="53720" url="/cm-track/cmtracklib-all.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:06 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="98" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="7578" url="/restapi/echo/client" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:11:07 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="428" user="-" host="80.187.103.104" method="GET" statuscode="401" reason="-" extra="-" exceptions="-" time="6088" url="/restapi/is_logged_in" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"


    After Click to Login: 
    2015:10:22-10:11:59 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="435" user="-" host="80.187.103.104" method="POST" statuscode="403" reason="-" extra="-" exceptions="-" time="39785" url="/restapi/login.json" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"



    With HTML Rewrit, Coockie Rewrite and Pass Host Header :

    Page Load: 
    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="489" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="14771" url="/cm-track/" server="ticket.externali.de" referer="-" cookie="-" set-cookie="-"

    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="4738" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="6262" url="/cm-track/css/cmtrack-all.css" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="2387" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="4841" url="/cm-track/js/jquery/jquery.ba-bbq.min.js" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="731" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="3672" url="/cm-track/js/jquery/backfix.min.js" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="5030" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="7223" url="/cm-track/js/jquery/jquery.form-min.js" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="3291" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="8566" url="/cm-track/js/jquery/jquery.blockUI-min.js" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="1365" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="11458" url="/cm-track/js/jquery/jquery.xml2json-min.js" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="6494" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="9546" url="/cm-track/js/jquery/jquery.validate-min.js" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="6008" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="9590" url="/cm-track/js/cmtrack.js" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="154" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="10627" url="/cm-track/js/layout.js" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="33138" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="58178" url="/cm-track/js/jquery/jquery-min.js" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:38 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="29351" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="51123" url="/cm-track/cmtracklib-all.js" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:39 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="105" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="5177" url="/restapi/echo/client" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:33:39 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="428" user="-" host="80.187.103.104" method="GET" statuscode="401" reason="-" extra="-" exceptions="-" time="6815" url="/restapi/is_logged_in" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"


    Click auf Login-Button: 
    2015:10:22-10:34:25 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="435" user="-" host="80.187.103.104" method="POST" statuscode="403" reason="-" extra="-" exceptions="-" time="22521" url="/restapi/login.json" server="ticket.externali.de" referer="ticket.externali.de/.../" cookie="-" set-cookie="-"




    With Pass host header only:

    Page Load 
    2015:10:22-10:42:18 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="524" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="7331" url="/cm-track/" server="ticket.external.de" referer="-" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="4769" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="9209" url="/cm-track/css/cmtrack-all.css" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="6488" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="4884" url="/cm-track/js/jquery/jquery.validate-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="2387" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="2575" url="/cm-track/js/jquery/jquery.ba-bbq.min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="1365" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="9708" url="/cm-track/js/jquery/jquery.xml2json-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="731" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="18210" url="/cm-track/js/jquery/backfix.min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="154" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="9332" url="/cm-track/js/layout.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="5030" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="19024" url="/cm-track/js/jquery/jquery.form-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="3291" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="20046" url="/cm-track/js/jquery/jquery.blockUI-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="6008" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="8802" url="/cm-track/js/cmtrack.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="29381" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="28617" url="/cm-track/cmtracklib-all.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="33090" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="48208" url="/cm-track/js/jquery/jquery-min.js" server="ticket.external.de" referer="ticket.external.de/.../" cookie="-" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="98" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="7839" url="/restapi/echo/client" server="ticket.external.de" referer="ticket.external.de/.../" cookie="JSESSIONID=QhW9YDyLIGqnRDmdDCmv8SZP" set-cookie="-"

    2015:10:22-10:42:19 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="429" user="-" host="80.187.103.104" method="GET" statuscode="401" reason="-" extra="-" exceptions="-" time="16607" url="/restapi/is_logged_in" server="ticket.external.de" referer="ticket.external.de/.../" cookie="JSESSIONID=QhW9YDyLIGqnRDmdDCmv8SZP" set-cookie="-"


    Successfull Login: 
    2015:10:22-10:43:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="0" user="-" host="80.187.103.104" method="POST" statuscode="200" reason="-" extra="-" exceptions="-" time="170915" url="/restapi/login.json" server="ticket.external.de" referer="ticket.external.de/.../restapi"

    2015:10:22-10:43:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="312" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="115619" url="/restapi/user/session" server="ticket.external.de" referer="ticket.external.de/.../" cookie="JSESSIONID=4qQZ24dIqrEDFy4-6oXCC-eH" set-cookie="-"

    2015:10:22-10:43:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="30" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="37740" url="/restapi/queues.json" server="ticket.external.de" referer="ticket.external.de/.../" cookie="JSESSIONID=4qQZ24dIqrEDFy4-6oXCC-eH" set-cookie="-"

    2015:10:22-10:43:29 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="0" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="8543" url="/restapi/is_logged_in" server="ticket.external.de" referer="ticket.external.de/.../" cookie="JSESSIONID=4qQZ24dIqrEDFy4-6oXCC-eH" set-cookie="-"

    2015:10:22-10:43:30 utm-1 reverseproxy: id="0299" srcip="80.187.103.104" localip="0.0.0.0" size="912" user="-" host="80.187.103.104" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="274725" url="/restapi/tickets.json/" server="ticket.external.de" referer="ticket.external.de/.../" cookie="JSESSIONID=4qQZ24dIqrEDFy4-6oXCC-eH" set-cookie="-"
  • 0
    Hi, and welcome to the User BB!

    So, does your last post mean that the problem is solved? If not, I know this works, so let's deal with the problems one at a time.  First, let's make this work without HTTPS.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hi Bob,

    with plain-text (http) the Portal is working fine and as expected.

    The Problem occurs if I want to publish it with HTTPs (no differnece if https oder https&redirect)

    regards

    para
  • 0
    Please click on [Go Advanced] below and attach a picture of the HTTPS Virtual Server open in Edit.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML