By default, the SA500 series appliances use port 443 to establish SSL VPN connections. The following steps walk you through configuring the SA500 appliance to use a port other than 443 for SSL VPN portal access.
Prerequisites:
- SSL VPN user accounts created
- Authentication method has been applied to the router for SSL access.
Creating the Service: Custom Services
First we need to define a Custom Service for the port we will use for SSL VPN portal access. This example uses port 60444.
- Log in to the router, select the “Firewall” tab, then select “Services” and click “Add”.
- Add the service as shown:
- Name: This will be the name of the
- Type: TCP
- Start Port: 60444
- Finish Port: 60444
*The port number just needs to be above 1024; it does not have to be the one shown.
- Be sure to hit 'Apply' before proceeding to the next step.
Port Translation: Create IPv4 Firewall Rule
Next, create the IPv4 firewall rule that allows SSL VPN access via port 60444.
- Service - This will be the Custom Service you created in the first step
- Action - ALLOW
- Service Hosts - Any (You may also define a host or range of hosts)
- Log - Never is the default value for this option
- Internal IP Address - This will be the LAN IP address of the SA500 series device
- Enable Port Forwarding - Check the checkbox to enable
- Translate Port Number - This will be port 443
- External IP Address - Dedicated WAN
- Be sure to hit 'Apply' before proceeding to the next step.
As a final step, verify the IPv4 Rule is correct. A screenshot of the rule we created is below:
The rule reads: Always allow inbound requests to port 60444 from any WAN host. Translate the request to port 443 and send it to Any LAN host. Never log these actions.
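One way to confirm the rule from a host on the WAN side, as an added example that is not part of the original article or Cisco's tooling: it opens a TCP connection to the custom port and attempts a TLS handshake. The function names, the state labels and the assumption that the portal presents a self-signed certificate are illustrative.

```python
import socket
import ssl
import sys

PORTAL_PORT = 60444  # custom service port used in this article


def probe(host, port, timeout=3.0):
    """Classify a TCP port: 'closed', 'filtered', 'unreachable',
    'open-handshake-failed' or 'tls'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "closed"        # host answered, nothing is forwarded on this port
    except socket.timeout:
        return "filtered"      # no answer: rule not applied, or dropped upstream
    except OSError:
        return "unreachable"   # routing or name-resolution problem
    # Assumption: the portal uses a self-signed certificate, so the check only
    # confirms that a TLS listener answers; it does not validate the certificate.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(sock):
            return "tls"
    except (ssl.SSLError, OSError):
        # The port is open but no TLS session was negotiated with this client
        # (wrong service behind the rule, or no protocol version in common).
        return "open-handshake-failed"
    finally:
        sock.close()


def rule_works(wan_host, port=PORTAL_PORT, timeout=3.0):
    """True when the forwarded port answers with a TLS handshake."""
    return probe(wan_host, port, timeout) == "tls"


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_portal.py <WAN address of the SA500>")
    state = probe(sys.argv[1], PORTAL_PORT)
    print(f"port {PORTAL_PORT}: {state}")
    sys.exit(0 if state == "tls" else 1)
```

Run it from outside the LAN, since the rule applies to inbound WAN requests.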