inbound HTTP & HTTPS

I am having trouble setting up the firewall on my UTM to allow HTTP and HTTPS traffic to a webserver. The firewall logs show the packets are dropped:

09:20:08 Default DROP TCP 31.105.130.108 : 35999 → 192.168.0.2 : 443

My setup is:

Firewall rule: Any > HTTP & HTTPS > Any (I have tried different combinations in here, such as router internal IP > HTTP and HTTPS > any, but nothing has worked)

DNAT: Internet IPv4 > HTTPS > LAN Network (Again, I have tried different combinations here, but again nothing has worked)

I guess I have misunderstood the posts I have read to help.

Could someone point me in the right direction?



This thread was automatically locked due to age.
  • DNAT Rule: Any > HTTP & HTTPS > Going: WAN address > Change Destination > InternalServer and Service Leave Blank. 
    Check Automatic Firewall Rule

  • I have changed the DNAT to what you suggested, as in the screenshot below. I'm no longer getting the drop in the firewall log, but the connection is still being refused and isn't making it to the server. The screenshot below is how the HTTPS is set up, and the HTTP rule is the same.

  • Hi Chris,

    Can you try logging your NAT rule for further investigation?

    (Click "Advanced" in the "Edit NAT rule" tab and check "Log initial packets".)

    After that you can try to reach your web server through HTTPS and see if your connection is passing the NAT or not.

    (Maybe also provide the logs after testing.)

    Regards,

    Ole

  • The logs are showing the rule being accepted and passed, then a green line saying it's being forwarded, but it's not making it to the server. I have tried 3 different servers and all are not receiving the request on either HTTP or HTTPS. I am about to do some more investigation using Wireshark and I will post the UTM firewall logs.
