We wish to use SSO (using Windows Integrated Security) to publish some of our servers externally. We have set up an ADFS Server on our LAN and a Windows 2012 R2 Web Application Proxy (WAP) in our DMZ to publish these sites externally.
We have managed to get this to work through our (outgoing) Forefront TMG box (with a bit of a 'hack', https://blogs.blackmarble.co.uk/blogs/adawson/post/2014/07/08/Publishing-ADFS-using-Web-Application-Proxy-behind-TMG.aspx), but now want to do the same with our Sophos UTM 320 (running 9.355-1).
We have created an external DNS A Record for the Web Application Proxy and all sites that are published through this have CNAME records that point to the WAP.
We then created a Web Application Firewall rule on the UTM for the WAP. This has a Virtual Webserver that only lists the domain of the WAP and a Real Webserver that points to the WAP.
However, this gives us an HTTP 403 Forbidden error when trying to access one of the sites published by the WAP.
Has anyone published a Windows 2012 R2 Web Application Proxy behind a Sophos UTM (9.355-1) using WAF?