Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 751 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos WAF

Joel Muodzi

Good day everyone,

I am having challenges enabling WAF. The website is using http and on normal dnat its accessible. The moment I create a WAF with HTTPS and disable dnat rules, i get a 403 forbidden error.

May you kindly assist.

Regards,

Joel



This thread was automatically locked due to age.
Parents
  • 0

    What do you mean exactly with "website is using http"?

    Is the website on the inside of your infrastructure accessible using http? Do you want it to be accessible from the outside using HTTPS?
    Are the certificates in place?

    (I have this scenario https --> WAF --> http [from outside to inside],  have the certicate uploaded tot XG and configured in the WAF rule. Just working fine) 

     
    SFVH (SFOS 19.5.1 MR-1-Build278)  - Last (re)boot on Februari 20 2023
    Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports
    [If any of my posts are helpful to you please use the 'Verify Answer' link]
  • 0 in reply to Peter-Paul Gras

    Hi Peter,

    Thank you for the reply. Yes i can access it on HTTP, want to access it on HTTPS on the WAN side. Certificates uploaded on XG, and WAF rule set. The moment i enable WAF rule, site no longer accessible. 403/Forbidden. I can access it on the WAN side with DNAT and WAF rule disabled.

  • 0 in reply to Joel Muodzi

    Do you disable DNAT after enabling the WAF rule?

     
    SFVH (SFOS 19.5.1 MR-1-Build278)  - Last (re)boot on Februari 20 2023
    Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports
    [If any of my posts are helpful to you please use the 'Verify Answer' link]
Reply Children
Unfiltered HTML