cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

How To change the default port for SSL VPN Portal access

12288
Views
0
Helpful
0
Comments

By default, the SA500 series appliances use port 443 to establish SSL VPN connections. The following steps walk you through configuring the SA500 appliance to use a port other than 443 for SSL VPN portal access.

Prerequisite:

  • SSL VPN user accounts created
  • Authentication method has been applied to the router for SSL access.

Creating the Service: Custom Services

First we need to define a Custom Service for the port we will use for SSL VPN portal access. This example uses port 60444.

  • Log into router and select the “Firewall” tab, then select the “Services” and click “Add
  • Add the service as shown:     
    • Name: This will be the name of the  *The port number just needs to be above 1024 not necessarily what is shown
    • Type: TCP
    • Start Port: 60444
    • Finish Port: 60444
  • Be sure to hit 'Apply' before proceeding to the next step.

sslvpn_01.PNG

Port Translation: Create IPv4 Firewall Rule

Next we are able to create the IPV4 Firewall rule to allow SSL VPN access via port 60444.

  • Service - This will be the Custom Service you created in the first step Action - ALLOW
  • Service Hosts - Any (You may also define a host or range of hosts)
  • Log - Never is the default value for this option
  • Internal IP Address - This will be theLAN IP address of the SA500 series device
  • Enable Port Forwarding - Check the checkbox to enable
  • Translate Port Number - This will be port 443
  • External IP Address - Dedicated WAN
  • Be sure to hit 'Apply' before proceeding to the next step.

sslvpn_02.PNG

As a final step, verify the IPv4 Rule is correct. A screenshot of the rule we created is below:

sslvpn_03.PNG

The rule reads: Always allow inbound requests to port 60444 from any WAN Host. Translate the the request to port 443 and send it to Any LAN host. Never log these actions.