Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 1818 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SNAT, DNS and HTTPS

giallu
I have a webserver in a DMZ, serving HTTP and HTTPS to internet.

To let it be accessible I've done a setup like the one i suggested in this topic.
Anyway, a strange thing is going on since HTTP is passing in but HTTPS if blocked by the firewall.
Checking the livelog I can see that packets are rejected from a.b.c.d (an external ip) to x,y,w,z (the SNATted IP of the web server) while I allow HTTP/HTTPS traffic to 10.0.0.10 (the DMZ web server's IP).

I really really really can't understand why packects for HTTP pass the firewall (Dest 10.0.0.10) while HTTPS not.

please give me some hint

Regards


This thread was automatically locked due to age.
  • 0
    Hm,

    I' ll give a quick shot at your problem:
    Maybe it's because of the WebAdmin listening on the https port, but this is blocked to external IPs, so your pakets are rejected. What about trying to run the WebAdmin on another port?

    Don't know if that helps, but I'd give it a try.

    Greets,
    Andreas
Unfiltered HTML