I'm migrating from TMG to Sophos firewall and I have faced a problem - I can't setup the OWA webpage to work .. All rules set according to Sophos manual ( see : sophserv.sophos.com/.../Exchange WAF Guide - UTM 9.3 - Nov 2015.pdf).
ActiveSync service is working, but OWA webpage does not. WAF rule was set with form based authentication in frontend (with default sophos form) and basic authentication on backend to CAS server. When trying to access the OWA webpage from outside (https://owa.xxxxx.xxxx.xx/owa) the firewall presents the following error:
Request blocked: The web application firewall has blocked access to /owa_uxtlcrcuw_form for the following reason: No signature found
I have checked the firewall profile for OWA and it does contains /owa and /OWA urls.. Also there are Exceptions for static URL hardening with /owa/* and /etc/* ...
Without checking Static URL hardening in the WAF profile the loging form is displaying, but after entering the login credentials popups window with windows login box again..
On CAS exchange server checked both Integrated Windows Authentication and Basic Authentification for OWA and ECP sites..
The question is - where I need to look for problem to fix OWA application? Please help!
Regards,
Michael
This thread was automatically locked due to age.