Change SSL VPN Port

Is it possible to change the SSL VPN Port for Remote Access??

... and for the User Portal, too?

  • In reply to Billybob:

    SSL VPN is allowed in the zones for that zone that im forwarding to. You need a dnat rule please see all the other posts in this fourm. We are changing the SSL VPN port from 8443 to something else using a DNAT.

  • In reply to Chris Schnobb:

    Sorry, my bad...

  • In reply to MarcBorgers:

    Does this still work for you @MarcBorgers it doesn't seem to work anymore in the most recent Sophos XG.

  • In reply to Chris Schnobb:

    FWIW on the most recent firmware update (16.05.3 MR-3) the port forwarding suggested by Marc also no longer seems to work for me.

    Chris Schnobb

    Does this still work for you @MarcBorgers it doesn't seem to work anymore in the most recent Sophos XG.


  • I can't believe that this work around no longer works now and Sophos hasn't finished this yet. How is this not a priority?

    Anyways, does anyone else have a new workaround?

  • In reply to Chris Schnobb:

    Still broken.

    It's annoying because the same procedure (using a dnat) also worked on Sophos UTM...

  • In reply to Stephen Rothery:

    is there any new work around for this? 

  • In reply to waghelak:

    we need a solution from Sophos team, they should provide any way to do it now until they develop it, we need any solution as this effect our work, most of the countries now block the default port 

  • In reply to MarcBorgers:

    @MarcBorgers I tried this but it's not working !!

  • In reply to KhaledMaged:

    Yes, we urgently need to be able to change the default SSH port, as well as the SSL VPN probe.

    These two services at their standard doors cause many inconveniences.

    It's strange an enterprise solution like Sophos to provide an NGFW without the possibility of changing these settings.

    Please give us the chance to change.

  • I agree with many of these comments below.  It needs to be fixed / option added in the GUI sooner then later.  I have also been an UTM user since v6 (first at work, then also home when the home user license came along). About a month ago I decided to retire my UTM 110 as I decided I wanted to test the new XG Firewall Home Edition on a much more powerful piece of hardware.  I discovered that unlike the UTM you cannot change the inbound SSL VPN port for not just only the connections but also the user portal.  Well this isn't good as I'm also running windows Server Essentials, I cannot change ports on that medium either.  Is it possible to have this added into a future release of the new operating system?  I ma not totally convinced with the XG line.  Maybe I should go back to UTM.  This new XG operating system seem like it has been a beta project since initial production.  Thanks

  • 17 is out. Still not fixed. I’m baffled as to why. Isnt the point of SSL VPN to tunnel over the standard SSL ports? This issue has become a frustration when users travel.