Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 4 subscribers
  • Views 15560 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Server load balancing

Samuel Ip

Hello Guys

 

I am having problem with SG330 Server load balancing. Config as screenshot below

When i try to access the Webserver from external ip, i got timeout. Firewall rules is now set to Any-Any-Any

No NAT for this connection.

Am i missing anything here?



This thread was automatically locked due to age.
Parents
  • 0

    Is there a reason that you're not using Webserver Protection for this?

    What information do you get from doing #1 in Rulz?  How are you trying to access the Webserver?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi guys,

    Im on 9.4x firmware. WAF support only port 80/443. The server runs on multiple ports. I will access the server via external ip.

  • 0 in reply to Samuel Ip

    no, the waf supports all ports, not only 80/443

    Manuel of virtual webservers:
    Port: Enter a port number on which the virtual webserver can be reached from external. Default is port 80 with Plaintext (HTTP) and port 443 with Encrypted (HTTPS).

    Manuel of real webservers:
    Port: Enter a port number for the communication between Sophos UTM and the webserver. Default is port 80 with Plaintext (HTTP) and port 443 with Encrypted (HTTPS).

    we're using our sharepoint with the waf on port 443 (+ http redirect) and the sharepoint central administration on port 10000

     

    edit: our utm is on 9.5, but I'm pretty sure this was also working in a previous version like 9.4

  • 0 in reply to logan517

    Sorry i have mixed up my comments.

     

    It should be, i prefer the IIS to be on server load balancing so that i can fully utilize the weigh option. I have the rest of the HA servers running on behind WAF. WAF works real fine and everything behind the Server load balancing will not be able to access from External ip. I read the logs. I have seen something about "default drop"

  • 0 in reply to Samuel Ip

    Alone among the logs, the Firewall Live Log presents abbreviated information in a format easier to read quickly.  Usually, you can't troubleshoot without looking at the corresponding line from the full Firewall log file.  Please post one line corresponding to the problem you saw.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to Samuel Ip

    Alone among the logs, the Firewall Live Log presents abbreviated information in a format easier to read quickly.  Usually, you can't troubleshoot without looking at the corresponding line from the full Firewall log file.  Please post one line corresponding to the problem you saw.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML