11-18-2022 05:18 PM
Hello
So on an inside server (192.168.5.42) I am running an NGINX Web-Server which absolutely needs to be on Port 80 and 443. My FPR1010 has, by default, https access via 443, so when I connect to x.x.x.182 (WAN) (which connects to 192.168.5.42) on https it keeps bringing me to the FPR GUI, and not into my LAN Server.
I have set up every variation of ACL and NAT to direct x.x.x.182:8443 to 192.168.5.42:443. I had made it x.x.x.182:443 to 192.168.5.42:443
Long story short. if my Web-Server "must" be on 443 and FPR "is" on https 443... How do I go through the FPR to my Web-Server?
I did indeed, in FPR Data Management, change https port to 444 but I still can not get inside, so not sure how to correctly do this.
Solved! Go to Solution.
12-05-2022 09:45 AM
It sounds as if you need to change the management port on the outside interface of the Firepower to another port. Go to System Settings > Management Access, where you will see "HTTPS Data Port: 443". Change this to another port number.
I didn't follow your question 100%, but if you want to configure 8443/tcp on the outside to 443/tcp on the server, you should be able to create a static auto NAT with 443 as the original port and 8443 as the translated port.
12-05-2022 09:45 AM
It sounds as if you need to change the management port on the outside interface of the Firepower to another port. Go to System Settings > Management Access, where you will see "HTTPS Data Port: 443". Change this to another port number.
I didn't follow your question 100%, but if you want to configure 8443/tcp on the outside to 443/tcp on the server, you should be able to create a static auto NAT with 443 as the original port and 8443 as the translated port.
12-05-2022 11:07 AM
Yes you can change the FPR listen port to be not 443 nor 80 and hence you can access to server inside
or
I think you can use IP not ip of FPR outside interface in static NAT.
12-06-2022 08:51 AM
I got everything working, thank you.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: