When using the UTM Web Protection in transparent mode with AD SSO in combination with the Web Application Firewall (WAF), you receive the following error:
The TCP port '80' is already in use by the AD SSO interfaces.
You may also experience other similar messages relating to conflicts with the User Portal port (443 by default) and the SSL VPN client (also using 443).
First seen in
By default, AD SSO is not restricted to any specific interfaces and will listen on ports 80 and 443 across all interfaces on the UTM. If another UTM feature is already listening on either of these ports, there will be a port conflict with the HTTP proxy. Common examples of this would be the SSL VPN client on port 443 or a virtual web server on port 80.
To avoid a conflict between WAF and Web Protection, you must restrict the interfaces on which AD SSO is performed. Removing the authentication from the WAN interface and assigning it only to your LAN interfaces will allow the two systems to run without conflict.
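The conflict and the fix described above can be modeled as a listener-overlap check. This is an added example, not Sophos code: the interface addresses, service placement on the WAN address, and all function names are assumptions made for illustration.

```python
from ipaddress import ip_address

WILDCARD = "0.0.0.0"           # listener bound to every interface
PORTS_AD_SSO = (80, 443)       # ports the article says AD SSO listens on

# Constructed interface addresses (documentation/private ranges), not from the article.
WAN, LAN = "203.0.113.10", "192.168.10.1"

def ad_sso_listeners(addresses):
    """AD SSO listeners for the given bind addresses; [WILDCARD] = unrestricted default."""
    return [{"service": "AD SSO", "addr": a, "port": p}
            for a in addresses for p in PORTS_AD_SSO]

def overlaps(a, b):
    """Same TCP port, and either side is a wildcard bind or both use the same address."""
    if a["port"] != b["port"]:
        return False
    if WILDCARD in (a["addr"], b["addr"]):
        return True
    return ip_address(a["addr"]) == ip_address(b["addr"])

def find_conflicts(listeners):
    """Return sorted (service, service, port) tuples for listeners that collide."""
    hits = set()
    for i, a in enumerate(listeners):
        for b in listeners[i + 1:]:
            if a["service"] != b["service"] and overlaps(a, b):
                hits.add((a["service"], b["service"], a["port"]))
    return sorted(hits)

# Other features named in the article, placed on the WAN address for this model.
OTHER = [
    {"service": "WAF virtual web server", "addr": WAN, "port": 80},
    {"service": "SSL VPN", "addr": WAN, "port": 443},
]

def before():
    """AD SSO unrestricted (all interfaces): collides on both ports."""
    return find_conflicts(ad_sso_listeners([WILDCARD]) + OTHER)

def after():
    """AD SSO restricted to the LAN address: no overlap with WAN-facing services."""
    return find_conflicts(ad_sso_listeners([LAN]) + OTHER)

if __name__ == "__main__":
    print("unrestricted:", before())
    print("LAN only:    ", after())
```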