Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 41 subscribers
  • Views 7030 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exposed host and HTTPS Certificates

pospo2435

Hi there,

I have a single static public IP that I'm using for SSL VPN incoming connections and for exposing a host (PBX) along with the following services: 80, 443, 5060, 5061, and RTP range 9999-15000.

The PBX manufacturer provides a DNS service and SSL certificate service. When I try to reach the PBX from the internet via HTTPS, everything works fine. However, when I attempt to access it locally using the DNS address, I encounter a certificate error, and it seems to be related to the Sophos certificate if I check throught Chrome.. Similarly, if I use the local IP address, I encounter the same error, but with an old certificate that expired in 2019.

This is an old Sophos machine that was previously configured for this service, and I'm currently attempting to recover the PBX service.

Thankyou in advance for your help



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to pospo2435

    So Accesso lan VOIP does not have "use web proxy instead of DPI mode" checked which means it is using DPI mode.  That means that the SSL/TLS Inspection Rules apply.  Do you have SSL/TLS Inspection Rules that are set to Decrypt the traffic?

    What is in the Log Viewer for both Web Filter and SSL/TLS inspection?

Unfiltered HTML