Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF XGS: Not working

Hello,

I am trying to set up a WAF rule on an XGS. Basically the setup is clear, but I can't get a connection from the WAN to the webserver.
I tried to find out by log why it does not work. but I do not get further.
I use : SFOS 18.5.1 MR-1-Build326
My rules briefly as a screenshot.

What else do I have to do so that the WAF Rule works?




This thread was automatically locked due to age.
  • Hello!

    You don't need two separate rules for HTTP (80) and HTTPS (443), please delete one of those WAF Policy then enable the HTTPS checkbox, select the certificate, and enable "Redirect HTTP".

    Since the WAF will handle HTTPS, have you already imported the certificate?

    Also, enable "Pass host header", this will help you since you're sending traffic to Nginx.

    Thanks!

  • Hi Prism,

    thanks for the quick reply.
    I have adjusted the settings, unfortunately without success.

    Actually I want to create the certificates via NGINX and Certbot first and then bring them via script into the XGS.
    If I select Redirect HTTP it is no longer possible to create the certificate via port 80 (LetsEncrypt).

    BR
    Elmar

  • EDIT:

    I found out that my NGINX Proxy Manager had an error. After resetting I was able to get a positive response via

    curl -i -k http://test.cccccccc.de, but I can't get it to work with port 443 (HTTPS).

    Rewrite HTML and Pass host header are enabled