OPNsense Forum

English Forums => 26.1, 26.4 Series => Topic started by: Zwiebelhacker on April 20, 2026, 01:08:45 PM

Title: OPNWAF / ModSecurity blocks OWA attachments (Exchange SE) – no rule visible in logs
Post by: Zwiebelhacker on April 20, 2026, 01:08:45 PM
Hello everyone,

we are currently migrating from Sophos UTM9 to OPNsense Business Edition and are using the OPNWAF plugin.

The goal is to publish Outlook Web Application (Exchange Server SE) exclusively via reverse proxy/WAF. In general, access to OWA is already working stably.


Problem:

Uploading or attaching files in emails does not work. The upload area just shows a loading spinner which never completes.

No visible rule in the security log that is blocking the upload (at least not identifiable to me)

If Web Protection is disabled → uploads work immediately
If Web Protection is set to "Detect Only" → uploads still do not work ???
If Web Protection is enabled and all triggered rules are excluded/disabled, it also works



I have already disabled or excluded several triggered rules, including:

941100, 920451, 941160, 920640, 920450, 920420, 920180, 920440, 920650,
941180, 920480, 920340, 954130, 920171, 920540, 949059, 949159, 921130, 934100


Has anyone successfully run OWA behind OPNWAF?

If yes, which rules had to be disabled to make file uploads work?


Thanks in advance for any hints.

Best regards

Title: Re: OPNWAF / ModSecurity blocks OWA attachments (Exchange SE) – no rule visible in logs
Post by: Monviech (Cedrik) on April 20, 2026, 02:53:37 PM
If I had to take a guess, it might be solvable by tweaking one of the options here, maybe the Regex Match limits or one of the request or response body processing things.

https://docs.opnsense.org/vendor/deciso/opnwaf.html#id1

You can also check the Server Status menu to see why the request might hang, or the Apache http logs if it gets aborted for some reason.

It's definitely weird that it also happens with Detection Only, but I have no short-term idea here.

You can also try to set the MPM modules to "Prefork"; some users have said it improves Exchange Server operability (Sophos uses the same module).
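
Added example, not part of either post and not OPNWAF code: a small triage of an Apache error log that groups ModSecurity entries per URI and separates rule matches from limit messages (request body size, PCRE match limit), which are logged as engine messages rather than as a rule match. The log lines, hostname and URIs are constructed, and the line format is assumed to follow ModSecurity v2's Apache error-log style.

```python
import re
from collections import defaultdict

# Constructed sample lines, shaped like ModSecurity v2 entries in an Apache
# error log (assumption: the OPNWAF Apache log uses this format).
SAMPLE_LOG = '''\
[client 198.51.100.7] ModSecurity: Warning. Matched phrase. [id "920420"] [msg "constructed"] [hostname "owa.example.test"] [uri "/owa/service.svc"] [unique_id "u1"]
[client 198.51.100.7] ModSecurity: Rule 7f00 [id "941160"][file "placeholder.conf"][line "1"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "owa.example.test"] [uri "/owa/service.svc"] [unique_id "u1"]
[client 198.51.100.7] ModSecurity: Request body (Content-Length) is larger than the configured limit (131072). [hostname "owa.example.test"] [uri "/owa/service.svc"] [unique_id "u2"]
[client 198.51.100.7] unrelated message from another module (constructed)
[client 198.51.100.7] ModSecurity: Warning. Pattern match. [id "941100"] [msg "constructed"] [hostname "owa.example.test"] [uri "/owa/"] [unique_id "u3"]
'''

FIELD = re.compile(r'\[(id|uri|unique_id) "([^"]*)"\]')
# Engine-level conditions that are not ordinary rule matches.
LIMIT_MARKERS = ("PCRE limits exceeded", "larger than the configured limit")


def triage(log_text):
    """Group ModSecurity entries per URI into rule matches and limit events."""
    report = defaultdict(lambda: {"rule_ids": set(), "limit_events": []})
    for line in log_text.splitlines():
        if "ModSecurity:" not in line:
            continue  # skip lines from other Apache modules
        fields = dict(FIELD.findall(line))
        uri = fields.get("uri", "<no uri>")
        # Message text between the "ModSecurity:" tag and the trailing metadata.
        message = line.split("ModSecurity:", 1)[1].split(" [hostname", 1)[0].strip()
        if any(marker in message for marker in LIMIT_MARKERS):
            report[uri]["limit_events"].append(message)
        elif "id" in fields:
            report[uri]["rule_ids"].add(fields["id"])
    return dict(report)


if __name__ == "__main__":
    for uri, entry in triage(SAMPLE_LOG).items():
        print(uri)
        print("  rule matches :", sorted(entry["rule_ids"]) or "none")
        for event in entry["limit_events"]:
            print("  limit event  :", event)
```

A URI that shows limit events alongside few or no rule matches points at the limit and body-processing options rather than at further rule exclusions.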