Hello!
I have on-prem WAF in KRP mode. The deploying scheme looks like this: Client -> Nginx -> WAF -> Web Application.
In some cases clients got 504 status reply from first nginx. The error.log contains standard upstream time out error. That's like KRP's port is close and nginx cannot establish connection to WAF. But manual test are ok and port is up and reply with 200 status.
WAF protect complicated and high-loaded web application with many objects and parameters in profile. Maybe there is some limits for tcp or http connections that needs to rise? Or maby something else I need to check?
Note: I didn't saw such behavior on v13.1 version v2500. Fist case was after update to 13.6 on v2500. I hoped that this problem resoled after migrating to x4510 v 13.6 but this didn't happens.
#On-PremisesWAF(formerlySecuresphere)------------------------------
Anton Kazantsev
Head of Cybersecurity Department
JSC Tochka
Moscow
------------------------------