Enquiry - Github Webhook

Hi Leslie Fleming  Thank you for reaching out to the Sophos community team. Publishing In-house service on Firewall WAN can be done via the DNAT rule. 

https://docs.sophos.com/nsg/sophos-firewall/19.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/RulesAndPolicies/NATRules/NATDNATServerAccessAssistant/index.html

techvids.sophos.com/.../qQzynSUroGrH9KzEGSnkPA

Hope in your example your URL  www.mydomain.com is pointing to any of your firewall WAN Interface IP. If yes you may use that WAN Interface in the above DNAT with the required service port numbers. 

@Vishal_R,

Thank you very much for the information. Is SNI / Html header rewrite supported by SFVH (SFOS 19.5.1 MR-1-Build278)? I would like to inspect the path of the URL called and based my logic for routing of the URL if possible.

Les

Hi Leslie Fleming In that case WAF will help you. Please find the below feature of WAF, In the advanced settings feature for "Rewrite HTML", and "Pass host header" details there. You may refer "Path-specific routing" section as well.

docs.sophos.com/.../index.html

Thank you for the info Vishal_R . I have setup a WAF rule based on the documentation but I receive a page 404 repeatedly during testing (URL call from external source). I cannot see the error in my configuration and have attached screen captures, which I hope will allow you to possibly see a misconfiguration on my end. When I carry out a policy test, the rule is accepted for the source ip and url for which the log shows 'invalid traffic'.

Your assistance to date is very much appreciated.

Les

Hi Leslie Fleming  Are you able to see any log entry for the source IP in Live Log viewer logs for WAF? You may also check the XG CLI log file for reverseproxy.log. Generally 404 should not be due to WAF but if there is no clue from this logs then would suggest to open a support case to narrow down the situation based on current configurtion and logs.

Example snapshot of WAF Live Log Viewer logs:

Hi Leslie Fleming  Are you able to see any log entry for the source IP in Live Log viewer logs for WAF? You may also check the XG CLI log file for reverseproxy.log. Generally 404 should not be due to WAF but if there is no clue from this logs then would suggest to open a support case to narrow down the situation based on current configurtion and logs.

Example snapshot of WAF Live Log Viewer logs:

 Vishal_R Thanks very much again for the info. I have attached what the log for Web server protection is showing (which also matches what I see in the reverse proxy.log)

What I am not certain of is if the output of the URL format is simply for informational purposes or in fact is misconfigured entirely during rule processing and thus throwing a 404 ?

I can raise a ticket if you think this is the best approach going forward ?

Les 

Hi Leslie Fleming  Try once by disabling  "Rewrite HTML" and "Rewrite Cookie" if that helps and if the status is still the same then the support ticket will help to validate more based on logs and observation.

Same outcome Vishal_R . You wouldn't happen to have a link for the creation of a support ticket?

Hi Leslie Fleming  Below link will help on ticket creation

docs.sophos.com/.../index.html

thank you very much