Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1290 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF

Lev Anni

Hi,

I'm trying to use Web Application Firewall to protect web servers behind NAT. Currently I have configured firewall to accept HTTP traffic and forward it to internal server. So my question is, in case of WAF, is NAT required to exist or it's automatically translated? Seems like I can not make it work, it simply forwards all traffic.

Thanks



This thread was automatically locked due to age.
Parents
  • 0

    Hi  : Thank you for connecting with the Sophos community team. No NAT rule is not required, only in the Firewall rule, the WAF rule is fine to submit the request to the WAF module (reverseporxy). If any matching rule in the NAT rule section is found for the same traffic then it will act as in DNAT in place of WAF.

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Vishal_R

    Seems like my previous post did't go through :/

    What is very interesting to me, we are going to protect at least 1000 web sites hosted under one up address. Is it possible to create one single WAF rule for them or it is required to create separate rules one by one, and upload their certificates? Is creating a web server enough and by itself means it is generally protected?

Reply
  • 0 in reply to Vishal_R

    Seems like my previous post did't go through :/

    What is very interesting to me, we are going to protect at least 1000 web sites hosted under one up address. Is it possible to create one single WAF rule for them or it is required to create separate rules one by one, and upload their certificates? Is creating a web server enough and by itself means it is generally protected?

Children
No Data
Unfiltered HTML