Reverse Proxy + Access Rules

Hi all,

How to restrict access to services that were published via Reverse Proxy? Can someone provide exmaple configuration?

I've already played with Access Rules after checking box Unified Access Policy. But access policy not working. 

Attaching log file showing that rules not working. It is just passing traffic according empty rule... Im confused. 

4 Replies

What exact services are you trying to block? Can you send a screenshot of the rule you created? Please blur out any sensitive info.


Block services? Nope.

I've published services via Reverse Proxy:

1. Service 1:  --->

2. Service 2:  --->

So, when there is an external requests to subdomain Service1 it proxies to internal service. I want to create access rule for that https://*   services. For example, Group of external IP addresses have access to, or only US IP addresses (Updatable object) have access to and etc.

When you say "Reverse Proxy" are you referring to the configuration here?
More details on exactly what you've configured will help.

Dear @PhoneBoy ,

Thank you for reply, and

Of course I read some topics, how would I publish web service via ReverseProxy without reading docs?

I have published web service:proxyrule.png

And it works fine, it published and I can access it from internet. But I want also create some Access Rules for published services and give access only known hosts from internet. Some of checkmaters are saying that it is not possible. But,

After playing with rules and analyzing it, i noticed that Access Rules working but Partially

When you create Accept rule for ExternalIP and dst, traffic goes through that rule. But other External IPs goes through Implied Access Rule 0:




So traffic goes in this order i believe:




It just cant reach drop rule. If there is any way to disable implied rule, or move the order of Accept rule of Implied Rule and place it after Drop Rule of Access Policy it will work i think.


