Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Http redirected to https

icutzoicutzo Newbie ✭
in Entry Level Firewalls

Hello all

I have a strange problem, when i try to get to my website all traffic that's on port 80 coming from my wan is being redirected to https. When i try on my lan everything works properly. I have checked my X1 interface and the rule for redirecting http to https is not enabled. I have tried to enable it and disable it again but to no avail. I have looked in my nat policies and can not find anything that is rerouting traffic, im kinda stomped


Using tz-215w with latest firwmare.


Thanks

Chris.

bellnet.PNG


Category: Entry Level Firewalls
Reply

Answers

  • SaravananSaravanan Moderator

    Hi @ICUTZO,

    Thank you for contacting SonicWall Community.

    As per your statement, I presume you are trying to access a website that is hosted behind the firewall? You are not talking about the web management access to the firewall. Am I sound right? Please confirm.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • icutzoicutzo Newbie ✭

    yes that's exactly right !

  • SaravananSaravanan Moderator

    @ICUTZO - Glad that I was right. Wanted to just confirm the scenario before offering suggestions.

    Could you please follow below steps and respond?

    • Is this a new setup or existing one encountering problems all of a sudden?
    • Are you using the firewall configured WAN IP address or a dedicate WAN usable IP address in the NAT policy and respective access rule?
    • What is the service used in the inbound NAT policy and WAN to respective internal zone access rule? Possibly a screenshot depicting the NAT policy and access rule could help us better.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • icutzoicutzo Newbie ✭

    it's a new setup

    im using the ppoe wan ip address

    and here is what im using in my nat

    seagate2.PNG

    rule #1 should do it. Server Public is my wan address, Server private is the internal ip of the web server and WEB services is http

  • SaravananSaravanan Moderator

    @icutzo - Thanks for the screenshot.

    Its the loopback NAT policy that you pointed. If the service original "Segate WEB services" contains ports HTTP and HTTPS, then have you changed the SonicWall's web management port other than 80 and 443? If not, please follow the KB article steps and change it.

    https://www.sonicwall.com/support/knowledge-base/how-can-i-change-the-http-and-https-management-ports-on-utm-appliances/170503585288297/

    This is because, its quite impossible to use same port numbers for two different resources (Firewall and Private Server) on a single public IP address.

    In addition to this,

    • ensure there is a LAN to LAN allow rule.
    • clear the browser cache or try using different browser and test.

    Let us know how it goes.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • icutzoicutzo Newbie ✭
    edited July 2020

    yes i failed to mention that i have put the management ports to 8080 for http and 4431 for https and besides the management ports are disabled on the wan interface.

    seagate3.PNG

    so that should in theory work but when i go http:\\www.mywebsite.com i get a UNABLE to CONNECT message in my browser and the address has been changed to https ?!?!

  • SaravananSaravanan Moderator

    @ICUTZO - Thanks for the info. Have you tried with different browsers? If you are using domain name to access the webserver, try with IP address specifically and see. We have covered all possibilities for the cause of the issue issue w.rt SonicWall. Lets try doing packet capture to dig in detail. Please refer the below web-link for the KB article instructions on packet Monitor usage.

    https://www.sonicwall.com/support/knowledge-base/how-can-i-setup-and-utilize-the-packet-monitor-feature-for-troubleshooting/170513143911627/

    If you face any challenges in packet monitoring, please approach our support team for immediate assistance and also for real-time assistance.

    https://www.sonicwall.com/support/contact-support/

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • icutzoicutzo Newbie ✭

    yes i have tried with just the IP and it does the same thing, also with 3 different web browsers.


    I will try packet monitoring to see if i can find something.

  • ThKThK Cybersecurity Overlord ✭✭✭

    @ICUTZO I understand that you try to reach in internal Webserver Port80 (443) from WAN?

    Why do you have in NAT Rule#1 "Firewall Subnets" ?

    If your request comes from WAN so Try "any" or an dedicated WAN IP Adress (adress Object needed) from which the contact is allowed.

    Also check the Access rules that http or https is allowed (your seagate webservice group then must also contain https )

    In addition to your question for Management from WAN :

    On X1 activated https (http) management.

    If you activate port 4431 for Management as shown your Url is

    https:/your-public-ip:4431

    or as Port 8080 use http://your-public-ip:8080

    Please note management from LAN your type

    https://firewall-LAN-IP:4431

    regards Thomas

  • icutzoicutzo Newbie ✭

    @ThK

    All im trying to do is to reach my internal web server from the wan interface but whenever i put my site name ex : http://www.websitename.com it automatically redirects my browser to https://www.websitename.com and that's not what i want and i haven't done anything for this to happen. I even took another tz-215, factory reset it, reconfigured it and i'm ending with the same problem, I can't understand why this is happening.

Sign In or Register to comment.