Jump to content
Welcome to our new Citrix community!

App Firewall-HEAD traffic apparently blocked


Recommended Posts

Hi everyone:

 

I would like to know if application firewall block HTTP traffic that use HEAD as HTTP method, without reporting any syslog alert.? This is because one of my customers have enabled application firewall and have bound one appfw policy to the Storefront LB. it has deployed the learning rules and the signatures and the connection from NetScaler Gateway to the VDI works fine. But when the user close the session into the StoreFront page, it shows an closed session error. When we checked HTTP request into the browser, we can see that there is HEAD request that is never completed. There is not appfw alerts or syslog messages that shows that the security checks or the signatures is blocked the traffic. If the appfw is unbound, everything works fine. 

 

NS version: 12.1 53.12

 

Thanks in advanced for your help 

 

Edited by nbautis421
Link to comment
Share on other sites

Run an NSTRACE to see if the HEAD *is* actually being dropped by the AppFW. I see no reason that the appfw would drop the HEAD, unless you've set it up to specifically not allow the HEAD to the relevant URL.

 

It might be that the HEAD is being changed by the firewall in some way, and it's THAT which is upsetting the Storefront server....

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...