Is it possible to create a WAF Filter to change Port for Userportal?



i have Sophos UTM SG 9.601-5 with Home License. In front of the Sophos there is an Cable Router (Transit Net, Exposed Host to Sophos).

I can Access to Webadmin (Port 4444) and Userportal (Port 1024). WAF is configured that i can reach my internals Servers via Hostname (remote.domain.tld,, monitoring.domain.tld - Port 443 with Wildcard Certificate).


Now i want to reach my Usertportal via https WITHOUT any Port (https://userportal.domain.tld), for this i create:


Real Webserver:

Name: Userportal

Host: Internal IP of Sophos

Type: Encrypt (https)

Port: 1024


Virtual Webserver:

Name: Userportal

Interface: Internet (Address)

Type: Encrypted (https) and redirect

Port: 443

Certificate: Wildcard

Domain: userportal.domain.tld

Real Webserver: Userportal

Firewall Profile: None

Theme: No

Pass Host Header: activated


All other WAF works well, is it not possible to create a WAF rule to the Sophos self direct?!? Is there an Workaround, how to get this works - or doesn't work this configuration?!?


Thanks a lot for your help and have a nice Weekend.

  • Hallo Peter,

    No workaround has been reported here.  The User Portal and WebAdmin share a lot of code, so my guess is that it's a security issue and that it's not possible.

    Cheers - Bob