
Remote SSL VPN Users can't reach port 4443/4444 on their browser

Some Remote VPN users can't reach the Admin Page and User Portal on 4444/4443 respectively, but pings and telnet work on those ports from the same system. Could it be a public IP related problem?



  • Hi,

    Does your SSL VPN pool have access to your webmin console in "webmin admin" settings?

  • Dear Shaun,

     

    I think you do not need to have SSL VPN configured before accessing the web portal from the internet, for example https://197.245.x.x:4444 in order to access the Sophos firewall web interface. The issue is that some people can access the portal, both WebAdmin and User Portal, but others could not. It actually timed out on the web browser.

    Ping to the 197.245.x.x works fine and telnet also works well, but on the browser, the users in question are not able to hit or access the web interface.

  • Hi, and welcome to the UTM Community!

    As Shaun remarked, you must have "VPN Pool (SSL)" in 'Allowed Networks' in 'WebAdmin Settings'.

    4443 is reserved for the UTM Manager.  The default port for the User Portal is TCP 443.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Things to consider because you said the problem only affects some users.

    Some remote locations may have their own web filter systems, and have them configured to block nonstandard ports.

    Some PC-based security products do web filtering, so you need to poke around in the administrative interface to learn what it is configured to do.

  • Hi Bob,

    A bigger pool has been defined to allow remote SSL VPN users to connect smoothly, but as I explained earlier, some SSL VPN connections are fine and working well, but those who are having challenges or issues connecting to the firewall are able to ping and telnet to the Firewall External IP/Port as well as the User Portal defined. I am really surprised as to why the ports are open and yet the TCP connection is still not working...

     

    Kindly assist 

  • Many thanks Foster,

    We have worked on the PC-based filtering rules by disabling Windows Firewall and other web filtering tools, but the issue status remained the same. I expect at least the login page to appear since they are able to telnet into those ports. We have changed browsers and others, but could it be a bug in the firewall since TCP traffic isn't working for some users?

  • Show us a line from the Firewall log file (not the Live Log) where dstport="4444" is blocked.  Do the same for the other port.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
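
One way to pull the log lines requested above, as an added example that is not part of the original thread: a Python script that finds blocked packets to ports 4444/4443 in packet filter log text and groups them by source IP, so affected users can be matched against drops. The sample lines are constructed, and every field name other than dstport (action, srcip, and the action values) is an assumption about the key="value" log layout.

```python
import re
from collections import defaultdict

# Constructed sample lines, not taken from the thread. Field names other than
# dstport, and the action values, are assumptions for illustration.
SAMPLE_LOG = '''\
2019:05:14-10:02:11 fw ulogd[4321]: sub="packetfilter" action="drop" srcip="203.0.113.10" dstip="198.51.100.1" proto="6" srcport="51514" dstport="4444"
2019:05:14-10:02:14 fw ulogd[4321]: sub="packetfilter" action="drop" srcip="203.0.113.10" dstip="198.51.100.1" proto="6" srcport="51515" dstport="4444"
2019:05:14-10:03:40 fw ulogd[4321]: sub="packetfilter" action="accept" srcip="203.0.113.77" dstip="198.51.100.1" proto="6" srcport="40022" dstport="4444"
2019:05:14-10:04:02 fw ulogd[4321]: sub="packetfilter" action="drop" srcip="203.0.113.25" dstip="198.51.100.1" proto="6" srcport="39911" dstport="4443"
2019:05:14-10:04:09 fw ulogd[4321]: sub="packetfilter" action="drop" srcip="203.0.113.25" dstip="198.51.100.1" proto="17" srcport="5353" dstport="5353"
'''

FIELD_RE = re.compile(r'(\w+)="([^"]*)"')
BLOCKING_ACTIONS = {"drop", "reject"}  # assumed action values


def parse_line(line):
    """Return the key="value" pairs of one log line as a dict."""
    return dict(FIELD_RE.findall(line))


def blocked_by_source(log_text, ports=("4444", "4443")):
    """Map (srcip, dstport) to the raw lines blocked on the given ports."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields.get("dstport") in ports and fields.get("action") in BLOCKING_ACTIONS:
            hits[(fields.get("srcip", "?"), fields["dstport"])].append(line)
    return dict(hits)


def report(log_text):
    """Print one summary and one full sample line per blocked source and port."""
    for (srcip, port), lines in sorted(blocked_by_source(log_text).items()):
        print(f"{srcip} -> dstport {port}: {len(lines)} blocked, e.g.")
        print("   ", lines[0])


if __name__ == "__main__":
    report(SAMPLE_LOG)
```

A source address with no entry in the result was not logged as blocked on those ports.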