Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 38 subscribers
  • Views 25348 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

change portal port 443

Bengt Olsson

Hey, 

Try fix an Business Application Rule for my exchange 2016 but says port 443 is used with user portal!!

Can change that what happen if change!!



This thread was automatically locked due to age.
  • +1

    Bengt,

    you can change the user portal without any problem. Of course if you use it, you have to inform all users that the user portal link is changed.

    You can change the user portal under Administration > Admin Settings

    Regards,

  • 0 in reply to lferrara

    Hey,

    have done that but coming to Sophos user portal not my owa what is wrong

  • 0 in reply to Bengt Olsson

    Hello,

    On my UTM, I set the user portal of the UTM and also of my XG to 11443.  Did you try a reboot after changing the XG user portal from 443 to what ever you made it? Usually after making most UTM and XG changes, they work and no reboot needed. 

    I use 443 to forward to my web server and allow only https into my web server behind the UTM.

    Assuming owa is using and listen on 443, after changing XG user portal to something else, I would think it show / go to owa and not the XG user portal.

    Did you just update from UTM to XG or was owa working earlier and you enabled the user portal? You might need to edit or create a port forwarding rule to route 443 to the owa server.

    I am well versed with Sophos UTM and just now learning the XG v 16. Used the USER portal on port 11443 without issues on UTM v9, and the port forwarding of 443 / HTTPS to the web server with a port forwarding rule / Nat and DNAt to point to the 443 to the desired server.

    See if the business policy / rule is still pointing 443 to the User Portal. I would think after you tell XG to have the user portal listen on the port number you set it to, that it would only be listening for that port and not also on port 443.  So if you had a rule pointing 443 to a server or service that was not correct, I would think you would not get anything.  In the next week or two I will be configuring XG to port forward 443 to the web server, and my user portal is already set to 11443, I just need to set up and enable myself on the user portal and HTML5 VPN sessions. I will see if I run into a similar issue as you have. I hope by the time of my writing you have resolved the issue.

    Chad

  • 0 in reply to Bengt Olsson

    Bengt,

    show us what you have configured for OWA and what is not working.

    Thanks

  • 0 in reply to lferrara

    Hello,

    everything works except to read email via Outlook 2016

    have done has made a business rule, but something missing do new rule for Exchange Outllook Anywhere is that for read on my Office 2016 mailprogram

  • 0 in reply to Bengt Olsson

    Hello,

     

    I assume you have done some searching on the net, this might be old news to you. But anyway I thought to Google all the ports Outlook 2016 use and came up with this information below. the URL link goes to a nice web page with a nice diagram and explanation.. Not sure if for what ever reason for reading the mail it passes that on some other non 443 port. But I would think if Outlook was doing everything secure via web mail it would have everything go over port 443. Not sure if this is of any value to you. Best of luck. I have finally had time to clean up my network switches and things now so that I can start to focus on getting my XG configured and port forwarding to my servers working.

     

     

    https://technet.microsoft.com/en-us/library/bb331973(v=exchg.160).aspx

     

    Purpose Ports Comments

    Encrypted web connections are used by the following clients and services:

    • Autodiscover service

    • Exchange ActiveSync

    • Exchange Web Services (EWS)

    • Offline address book (OAB) distribution

    • Outlook Anywhere (RPC over HTTP)

    • Outlook MAPI over HTTP

    • Outlook on the web

    443/TCP (HTTPS)

    For more information about these clients and services, see the following topics:

    Unencrypted web connections are used by the following clients and services:

    • Internet calendar publishing

    • Outlook on the web (redirect to 443/TCP)

    • Autodiscover (fallback when 443/TCP isn't available)

    80/TCP (HTTP)

    Whenever possible, we recommend using encrypted web connections on 443/TCP to help protect data and credentials. However, you may find that some services must be configured to use unencrypted web connections on 80/TCP to the Client Access services on Mailbox servers.

    For more information about these clients and services, see the following topics:

    IMAP4 clients

    143/TCP (IMAP), 993/TCP (secure IMAP)

    IMAP4 is disabled by default. For more information, see POP3 and IMAP4.

    The IMAP4 service in the Client Access services on the Mailbox server proxies connections to the IMAP4 Backend service on a Mailbox server.

    POP3 clients

    110/TCP (POP3), 995/TCP (secure POP3)

    POP3 is disabled by default. For more information, see POP3 and IMAP4.

    The POP3 service in the Client Access services on the Mailbox server proxies connections to the POP3 Backend service on a Mailbox server.

    SMTP clients (authenticated)

    587/TCP (authenticated SMTP)

    The default Received connector named "Client Frontend <Server name>" in the Front End Transport service listens for authenticated SMTP client submissions on port 587.

    Note:

    If you have mail clients that can submit authenticated SMTP mail only on port 25, you can modify the network adapter bindings value of this Receive connector to also listen for authenticated SMTP mail submissions on port 25.
Unfiltered HTML