Unable to access email appliance web interface over wifi/vpn

Hi Ed,

the only requirement is that you allow the self signed certificate (unless you have put a ca certificate on the appliance)   and that you have access to port 18080

the address should be  https://192.168.5.1:18080  

assuming that's the appliance's ip.

If you have verified the page is not been blocked for certificate reasons and used the apporiate address then you most likely need to address your firewall/infrastructure. 

Thanks RW,

Let me clarify I'm trying to access the End User Web Quarantine page that uses port 10443 over wifi/vpn....does what you state above still apply? Is there some sort of configuration I need to complete?

Best,

Ed

Hi Ed,

#1

Under configuration / accounts / user preferences

there is a checkbox on the left to enable the portal.

then at the bottom is the "configure" button ensure the portal is 10443

#2 

verify the exact url

configuration / policy / encryption / spx portal tab

under the portal button it will display the exact url that the appliance will use and what port is for what (443 vs 10443)

#3

ensure you can resolve the hostname / ip address.

The most common issue is sharing 443 with owa or another application, or port 10443 is blocked / dropping traffic.   etc. You could also verify that you are able to connect to any of the above addresses on the same network / subnet of the appliance.. This would verify any routing issues.

So I've figured it out.

For anyone who is using Palo Alto firewall and is running into this issue and has verified it is not on the appliance side and is a networking issue..this is what I did to resolve the issue. Please take into consideration your enviornment will be different but the solultion is 3 fold.

1) Under Policies>security, make a rule which allows your wifi network to your sophos public address (

2) Under Polices>NAT, make a U turn NAT...(Destnation address should be the sophos public address and the destination translation should be the sophos private address...make sure to add port 10443 under the translated port area)

3)Under polices>Policy based forwarding, you may or may not have a wifi PBF rule...under that rule negate your sophos private and public addresses under the " Destination/application/services" tab.

These three rules allowed be to access the quarantine email on my coperate wifi ad vpn..your setup will be different but hopefully this helps.

Best,

EA

So I've figured it out.

For anyone who is using Palo Alto firewall and is running into this issue and has verified it is not on the appliance side and is a networking issue..this is what I did to resolve the issue. Please take into consideration your enviornment will be different but the solultion is 3 fold.

1) Under Policies>security, make a rule which allows your wifi network to your sophos public address (

2) Under Polices>NAT, make a U turn NAT...(Destnation address should be the sophos public address and the destination translation should be the sophos private address...make sure to add port 10443 under the translated port area)

3)Under polices>Policy based forwarding, you may or may not have a wifi PBF rule...under that rule negate your sophos private and public addresses under the " Destination/application/services" tab.

These three rules allowed be to access the quarantine email on my coperate wifi ad vpn..your setup will be different but hopefully this helps.

Best,

EA