Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 12 replies
  • Subscribers 1 subscriber
  • Views 11236 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

URL Hardening Questions

tomtomtom
I have set up WAF in the following way:

1. virtual webserver:

Domains: domain.com
Real Web Servers: Lotus Domino Server
Firewall Profile: Advanced Protection (with URL hardening)

2. real webserver:

name: Lotus Domino Server
host: an internal host (external access via DNAT)

3. firewall profiles:

Advanced with URL hardening.


For testing purposes I have entered only "www.domain.com" in URL hardening.

I tried to open "domain.com/otherthings" directly and this still works. I thought URL hardening would disable the direct access to URLs not entered in the "Entry URL"-list

Do I missunderstand URL hardening or is it the DNAT which does not work with WAF?


This thread was automatically locked due to age.
Parents
  • 0
    Bob,

    That is exactly what I'm trying to accomplish. I believe I tried exactly as you describe, with an allow rule using the external interface, followed by a deny rule any any to the same external IP. Traffic is still getting through to the server. I'm still trying to figure out why. I don't have any DNAT or SNAT rules active for that external IP. I will post when and if I figure out why. Thanks.

    Brian
Reply
  • 0
    Bob,

    That is exactly what I'm trying to accomplish. I believe I tried exactly as you describe, with an allow rule using the external interface, followed by a deny rule any any to the same external IP. Traffic is still getting through to the server. I'm still trying to figure out why. I don't have any DNAT or SNAT rules active for that external IP. I will post when and if I figure out why. Thanks.

    Brian
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?