Is it possible to change the SSL VPN Port for Remote Access??
... and for the User Portal, too?
Hi SecuredNet,
the feature you are requesting will be shipped with SF 17.1, which is currently under testing and will hopefully be released soon.
Regards,
Holger
17.1 has been released and this feature is now there.
Regards Simon
Sophos XG 17.5.1 MR-1 | Dell 7010 | Intel(R) Core(TM) i5-3550 CPU @ 3.70GHz | 8GB Memory
Samsung EVO 850 120GB SDD | 1x Intel 82574L / 2x 82571EB Gigabit Ethernet Controller (rev 06)
Hi guillaume,
port sharing is possible, so you can use port 443 for user portal and SSLVPN.
Best regards,
Holger
Hi SecureNet,
just in case you have not seen it yet: in the current version of SFOS 17.1, this feature is implemented.
Best regards,
Holger
I have tried to change the port from 8443 to 443 using UDP mode and it fails saying there is a conflict on that port.
Everything else on the XG that is using port 443 is TCP, e.g. WAF.
Can you confirm this is a bug, or how to fix it? It is a significant benefit to have UDP 443 for SSL VPN and TCP 443 for WAF.
Thanks
Ian
Hello,
I cannot respond on WAF + SSL VPN on port 443, because I don't use WAF.
But in my opinion, it's an error to use 443 UDP, because it is usually blocked by firewalls on public access, like the other exotic ports, as normal 443 traffic is TCP and not UDP!
Thank you for your comments.
I agree 443 UDP is not as good as 443 TCP for getting through general public firewalls, but unless we can generate a WAF rule to use a specific address (as per SNI for HTTPS), then I am limited to the options available.
With regard to 443 UDP vs other ports, yes, I agree 443 UDP is more likely to be blocked in comparison to 443 TCP, but it is significantly more likely for non-443 ports to be blocked and 443 UDP to be open and acceptable.
Also, SSL VPN supposedly has better performance on UDP than TCP (according to the setup options; I have never had the opportunity to find out).
Thanks
Ian