inbound web server protection rule routing to wrong LAN device

Has anyone had any issues with Web Server Protection routing traffic to the wrong internal node? It's probably me doing something wrong so I don't want to throw up all the details here, but if anyone else is experiencing anything similar I'll be happy to go into more details. EAP3.

  • Do you by chance have a policy route rule enabled that matches the traffic of the client you used for testing? If yes, does it work when you disable this policy route?

  • I do not, but as I suspected it was a user error. Your comment had me clicking about and I found an inbound NAT rule (I'd checked all the firewall rules, but overlooked the NAT) that redirects port 80 away from my Server Protection Rule, and towards the unintentional node I mentioned.

    So a good takeaway for me is inbound NAT rules are processed before Server Protection Rules, which I'm sure is on a helpful Sophos slide somewhere. Thanks for your help.


