[9.165][BUG] WAF - site path routing - URL gets scrambled

I seem to have a problem with one of my site path routing sites...

(The 3rd screenshot shows the real server for the site path.)

When I type "secure.mydomain.com/sub_site" in the browser, I get an error "site not found".
The URL gets scrambled like this:

secure.mydomain.com^/(_login|_logout|_form|))sub_site/

is the configured Realm of the first Reverse Authentication profile.

I do NOT use reverse authentication for this site path!

This is only happening with this site path, might be the underscore!?

The only relevant line in the WAF log looks like this:

2013:11:07-15:22:20 vpn reverseproxy: srcip="" localip="" size="199" user="-" host="" method="GET" statuscode="302" reason="-" extra="-" exceptions="-" time="18867" url="/sub_site" server="secure.mydomain.com" referer="-" cookie="JSESSIONID=1waf7jw6nitts1157bl23ixsso; _cookie=BQS9gkeyEeOw2YNglQNkjpRo3jVDNgmp1oH3xY3Trl1A+/AnmraXH2QhoHhWKs3PB1V3hk6LNFQE7b6VBIM2o/n23E1EQafS+2xlXJGu/C/eK1Uyoe/ACH1l1J2eSxNO; 508d626f7872f=51k3rolaauurptdtfajo8j5276; PHPSESSID=gmcl11cv5v0ufcjcuhma4kfvr2" set-cookie="-"

What's going wrong here?

0 Tinkerbell over 11 years ago

Hi scorpionking,

Can you please provide your configuration in the Firewall profile 'secure protection'?
Best,
Bianca
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 scorpionking over 11 years ago
I forgot to say: even if I select "No Profile" in the Virtual Server, the URL gets scrambled. So it doesn't depend on the firewall profile...
----------
Sophos user, admin and reseller.
Private Setup:

XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)

UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 scorpionking over 11 years ago
Just found out: The real web server behind this site path tries to redirect to "/sub_site/subsub" immediately when requesting "secure.mydomain.com/sub_site".

When I try to enter the full URL ("secure.mydomain.com/.../subsub") it works.
The URL only gets scrambled when requesting "secure.mydomain.com/sub_site".

By the way: This used to work seemlessly in 9.106 and previous versions.
----------
Sophos user, admin and reseller.
Private Setup:

XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)

UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Tinkerbell over 11 years ago in reply to scorpionking

Hey,

Thanks for the feedback. Will check with the developer about the code change.
Best,
Bianca
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 scorpionking over 11 years ago
Thanks. Tell me if I can do anything to narrow this down.
----------
Sophos user, admin and reseller.
Private Setup:

XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)

UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Tinkerbell over 11 years ago in reply to scorpionking

Hey there scorpionking,

Im back with some updates. Apparently there is a Mantis ID which fixes your problem and its already merged in 9.170. I will attach it to the thread.
Cheers,
Bianca
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Astaro Beta Bot over 11 years ago

Thanks for reporting. We are now tracking this as Mantis ID #29067
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Astaro Beta Bot over 11 years ago

The Mantis ID #29067 is now fixed. We are planning to release a fix for this issue in Version 9.170.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 scorpionking over 11 years ago
Thanks. I will report back when 9.170 is out.
----------
Sophos user, admin and reseller.
Private Setup:

XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)

UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Astaro Beta Bot over 11 years ago

The Mantis ID #29067 is now being worked on.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel