SSL VPN on port 443/tcp

Hi Jindrich,

Yes, that is possible but doing that with a free license in a business context is against the terms and conditions of the free home license.

I've tagged the two PMs and hope either of them are responsible for this and can comment.

Emile

I am afraid, that you would need that (possibility to listen on specific IP address) AT LEAST for:

XG SSL VPN

XG WAF

XG User portal

Again - all of that was slowly but surely added in UTM9 history.

Possibility to change SSL VPN port is really useless without possibility to use 443/tcp.

PS: Btw. in UTM9 you can use SSL VPN and User Portal both on same IP and port...

As far as I know the free !BASE! license is usable also for business without limitation (only that you have no support, but can you buy support separately).

Again - it is just theory we only sell hardware appliances - always (except UTM9 email protection only).

Base License in XG has a single purchase cost. After this, its free to use for commercial uses. 

Its not like on UTM, hence the base license has more features. 

Just to be sure: XG supports User Portal and SSL VPN on the same port like UTM. 

Only WAF is blocked by SSL VPN after changing the port to the same port. 

Hi Jindrich,

There is not a free base license for the XG in a virtual config and as Lucar states a perpetual base license does have to be puchased.

I've just checked and the User portal and SSL VPN cannot seem to co-exist on the same interface if they are both TCP/443.

Emile

Actually even more. WAF na User portal supports the same port (443/tcp) :-)

Tried now SSL VPN and User Portal on Port 1443. Works fine. So most likely both will work on 443. 

You are absolutely right. We sell hardware appliances, which is bundle of hardware and base license. I never realize, that for virtual appliance you have to buy base license. Thanks for pointing this out - additional reason for SSL VPN on port 443/tcp :-)

They will, until you need to use 443/tcp for WAF.

So recommended setup from me is:

WAF+User portal - 443/tcp - so you don't need special port for User portal

SSL VPN -> any other port, which in this case really does not matter....

Hi Lucar,

Yes, you can do it for 1443 but you cannot do it for 443, there seems to be extra checks on 443. See below on the failure:

But works if it's set to 1443:

There is definitely something wrong on the 443 port.

Emile