Hey,
Try fix an Business Application Rule for my exchange 2016 but says port 443 is used with user portal!!
Can change that what happen if change!!
This thread was automatically locked due to age.
Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.
Hey,
Try fix an Business Application Rule for my exchange 2016 but says port 443 is used with user portal!!
Can change that what happen if change!!
Hello,
On my UTM, I set the user portal of the UTM and also of my XG to 11443. Did you try a reboot after changing the XG user portal from 443 to what ever you made it? Usually after making most UTM and XG changes, they work and no reboot needed.
I use 443 to forward to my web server and allow only https into my web server behind the UTM.
Assuming owa is using and listen on 443, after changing XG user portal to something else, I would think it show / go to owa and not the XG user portal.
Did you just update from UTM to XG or was owa working earlier and you enabled the user portal? You might need to edit or create a port forwarding rule to route 443 to the owa server.
I am well versed with Sophos UTM and just now learning the XG v 16. Used the USER portal on port 11443 without issues on UTM v9, and the port forwarding of 443 / HTTPS to the web server with a port forwarding rule / Nat and DNAt to point to the 443 to the desired server.
See if the business policy / rule is still pointing 443 to the User Portal. I would think after you tell XG to have the user portal listen on the port number you set it to, that it would only be listening for that port and not also on port 443. So if you had a rule pointing 443 to a server or service that was not correct, I would think you would not get anything. In the next week or two I will be configuring XG to port forward 443 to the web server, and my user portal is already set to 11443, I just need to set up and enable myself on the user portal and HTML5 VPN sessions. I will see if I run into a similar issue as you have. I hope by the time of my writing you have resolved the issue.
Chad
Hello,
I assume you have done some searching on the net, this might be old news to you. But anyway I thought to Google all the ports Outlook 2016 use and came up with this information below. the URL link goes to a nice web page with a nice diagram and explanation.. Not sure if for what ever reason for reading the mail it passes that on some other non 443 port. But I would think if Outlook was doing everything secure via web mail it would have everything go over port 443. Not sure if this is of any value to you. Best of luck. I have finally had time to clean up my network switches and things now so that I can start to focus on getting my XG configured and port forwarding to my servers working.
https://technet.microsoft.com/en-us/library/bb331973(v=exchg.160).aspx
Purpose | Ports | Comments |
---|---|---|
Encrypted web connections are used by the following clients and services:
|
443/TCP (HTTPS) |
For more information about these clients and services, see the following topics: |
Unencrypted web connections are used by the following clients and services:
|
80/TCP (HTTP) |
Whenever possible, we recommend using encrypted web connections on 443/TCP to help protect data and credentials. However, you may find that some services must be configured to use unencrypted web connections on 80/TCP to the Client Access services on Mailbox servers. For more information about these clients and services, see the following topics: |
IMAP4 clients |
143/TCP (IMAP), 993/TCP (secure IMAP) |
IMAP4 is disabled by default. For more information, see POP3 and IMAP4. The IMAP4 service in the Client Access services on the Mailbox server proxies connections to the IMAP4 Backend service on a Mailbox server. |
POP3 clients |
110/TCP (POP3), 995/TCP (secure POP3) |
POP3 is disabled by default. For more information, see POP3 and IMAP4. The POP3 service in the Client Access services on the Mailbox server proxies connections to the POP3 Backend service on a Mailbox server. |
SMTP clients (authenticated) |
587/TCP (authenticated SMTP) |
The default Received connector named "Client Frontend <Server name>" in the Front End Transport service listens for authenticated SMTP client submissions on port 587. Note: If you have mail clients that can submit authenticated SMTP mail only on port 25, you can modify the network adapter bindings value of this Receive connector to also listen for authenticated SMTP mail submissions on port 25. |