Transparent mode - DMZ

Hi guys.

Interesting problem. Upside down

Hi guys.

I have an interesting problem.

I have some devices in my DMZ, which I need to reach over HTTP.

For security reasons, I need to allow access to these resources only from one internal net (let's say 192.168.40.0/24).

All protocols work fine (Firewall - allow any for this Net, and block all others).

My problem is with HTTP/S: it works only when I add the DMZ net to the skip transparent list.
Filtering Options – Exception doesn’t work for this.

The problem is that in this situation everybody can reach those resources.

Any idea what to do?

 

Thanks…


2022:12:02-12:48:03 mhgate-1 httpproxy[6684]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="10.13.0.71" dstip="192.168.40.10" user="" group="" ad_domain="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (MH Content filter action)" size="3283" request="0xcd426e00" url="">192.168.40.10/.../login.html" referer="" error="Connection reset by peer" authtime="0" dnstime="130" aptptime="151" cattime="83404" avscantime="0" fullreqtime="90430" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized"

Thanks..



  • Hey  ,

    Thank you for reaching out to the community. It is clear in the logs itself: statuscode="502", this is a Bad Gateway. An HTTP 502 status code (Bad Gateway) indicates that CloudFront wasn't able to serve the requested object because it couldn't connect to the origin server.
    Furthermore, you can refer to the following doc - https://www.hostinger.com/tutorials/502-bad-gateway

    Furthermore, we can see the following filteraction="REF_DefaultHTTPCFFAction" is triggered; check whether or not the IP address category is allowed?

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.
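
One way to check the access requirement from the question against the web proxy log, as an added example (not code from the thread or from Sophos): it parses the key="value" fields of httpproxy lines like the one posted and flags requests to the protected network that were allowed from an unexpected source, or blocked from a permitted one. The two network values are assumptions taken from the srcip/dstip in the posted line, the sample lines are constructed, and `action="pass"` in them is an assumption; the logic only tests for `action="block"` as seen in the post.

```python
import ipaddress
import re

FIELD_RE = re.compile(r'(\w+)="([^"]*)"')  # key="value" pairs, as in the posted line

def parse_line(line):
    """Return the key="value" fields of one httpproxy log line as a dict."""
    return dict(FIELD_RE.findall(line))

def audit(lines, protected_net, allowed_src):
    """Classify proxy requests to protected_net by whether the source was expected."""
    protected = ipaddress.ip_network(protected_net)
    allowed = ipaddress.ip_network(allowed_src)
    findings = []
    for line in lines:
        f = parse_line(line)
        try:
            src = ipaddress.ip_address(f["srcip"])
            dst = ipaddress.ip_address(f["dstip"])
        except (KeyError, ValueError):
            continue  # not a request line, or an unparsable address
        if dst not in protected:
            continue  # only requests towards the protected network matter here
        blocked = f.get("action") == "block"
        if src not in allowed and not blocked:
            verdict = "UNEXPECTED_ALLOW"  # outside source reached the DMZ via the proxy
        elif src in allowed and blocked:
            verdict = "UNEXPECTED_BLOCK"  # permitted source was stopped by the proxy
        else:
            verdict = "OK"
        findings.append((verdict, str(src), str(dst),
                         f.get("statuscode", ""), f.get("error", "")))
    return findings

# Constructed sample lines, trimmed to the fields used (not real log data).
SAMPLE = [
    '2022:12:02-12:48:03 gw httpproxy[1]: name="web request blocked" action="block" '
    'srcip="10.13.0.71" dstip="192.168.40.10" statuscode="502" error="Connection reset by peer"',
    '2022:12:02-12:49:10 gw httpproxy[1]: action="pass" srcip="10.99.0.5" '
    'dstip="192.168.40.10" statuscode="200" error=""',
    '2022:12:02-12:50:00 gw httpproxy[1]: action="pass" srcip="10.13.0.20" '
    'dstip="192.168.40.10" statuscode="200" error=""',
    '2022:12:02-12:51:00 gw httpproxy[1]: action="pass" srcip="10.13.0.20" '
    'dstip="203.0.113.9" statuscode="200" error=""',
]

if __name__ == "__main__":
    for row in audit(SAMPLE, "192.168.40.0/24", "10.13.0.0/24"):
        print(*row, sep="  ")
```
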
