Change SSL VPN Port

Is it possible to change the SSL VPN Port for Remote Access??

... and for the User Portal, too?

  • In reply to Billybob:

    SSL VPN is allowed in the zones for that zone that im forwarding to. You need a dnat rule please see all the other posts in this fourm. We are changing the SSL VPN port from 8443 to something else using a DNAT.

  • In reply to Chris Schnobb:

    Sorry, my bad...

  • In reply to MarcBorgers:

    Does this still work for you @MarcBorgers it doesn't seem to work anymore in the most recent Sophos XG.

  • In reply to Chris Schnobb:

    FWIW on the most recent firmware update (16.05.3 MR-3) the port forwarding suggested by Marc also no longer seems to work for me.

    Chris Schnobb

    Does this still work for you @MarcBorgers it doesn't seem to work anymore in the most recent Sophos XG.


  • I can't believe that this work around no longer works now and Sophos hasn't finished this yet. How is this not a priority?

    Anyways, does anyone else have a new workaround?

  • In reply to Chris Schnobb:

    Still broken.

    It's annoying because the same procedure (using a dnat) also worked on Sophos UTM...

  • In reply to Stephen Rothery:

    is there any new work around for this? 

  • In reply to waghelak:

    we need a solution from Sophos team, they should provide any way to do it now until they develop it, we need any solution as this effect our work, most of the countries now block the default port 

  • In reply to MarcBorgers:

    @MarcBorgers I tried this but it's not working !!

  • In reply to KhaledMaged:

    Yes, we urgently need to be able to change the default SSH port, as well as the SSL VPN probe.

    These two services at their standard doors cause many inconveniences.

    It's strange an enterprise solution like Sophos to provide an NGFW without the possibility of changing these settings.

    Please give us the chance to change.

  • I agree with many of these comments below.  It needs to be fixed / option added in the GUI sooner then later.  I have also been an UTM user since v6 (first at work, then also home when the home user license came along). About a month ago I decided to retire my UTM 110 as I decided I wanted to test the new XG Firewall Home Edition on a much more powerful piece of hardware.  I discovered that unlike the UTM you cannot change the inbound SSL VPN port for not just only the connections but also the user portal.  Well this isn't good as I'm also running windows Server Essentials, I cannot change ports on that medium either.  Is it possible to have this added into a future release of the new operating system?  I ma not totally convinced with the XG line.  Maybe I should go back to UTM.  This new XG operating system seem like it has been a beta project since initial production.  Thanks

  • 17 is out. Still not fixed. I’m baffled as to why. Isnt the point of SSL VPN to tunnel over the standard SSL ports? This issue has become a frustration when users travel.

  • In reply to HolgerLehn:



    v17 MR3 is out, but still not available !?

  • In reply to TheEther:

    Missing BASIC features comes in V20 :D

  • In reply to Jean-Marc Hemelsoet:

    At this point I have no faith that Sophos to fix this anytime soon. We might be better off trying to find a another work around.

    It is surprising that even after this thread gets 100K views and this is the second highest feature request it is still not available.

    In the feature request @Alan Toews mentioned that this will be available after the release of v17. v17 has been released yet no update on this.