This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Redirect traffic to UTM VIP

Hi,

I am using UTM 9 with a single network adapter in order to redirect my traffic based or the host header. Everything works fine, but now I wan to configure the SSL VPN and the User Portal. Since 443 is already used on the Sophos adapter I have created a virtual one with a different IP address to bind to in order to use the VPN and portal on 443.

From the internal network the portal and VPN works fine since its hitting the VIP directly, but from outside I can't get the portal to work, I don't know about the VPN yet. I have created a Virtual Web Server that redirects traffic to the "Real Web Server", the VIP of the network interface, again, based on the host header it gets from the browser. Looks like is having trouble redirecting to one of its own IPs.

For the real server option I have created a new host and added the VIP of the UTM network adapter.

Can I redirect Web traffic to Sophos own IPs using a Virtual Server?

      

 

Thanks



This thread was automatically locked due to age.
Parents
  • Here are my usual recommendations, Adrian:

    • SSL VPN: UDP 1443
    • User Portal: TCP 2443
    • WAF: TCP 443

    Up until Google came up with QUIC (UDP 443) as a way to accelerate HTTPS, I was comfortable with UDP 443 for the SSL VPN.

    All that to say that I wouldn't try to resolve the situation in the way you are trying to do it.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Here are my usual recommendations, Adrian:

    • SSL VPN: UDP 1443
    • User Portal: TCP 2443
    • WAF: TCP 443

    Up until Google came up with QUIC (UDP 443) as a way to accelerate HTTPS, I was comfortable with UDP 443 for the SSL VPN.

    All that to say that I wouldn't try to resolve the situation in the way you are trying to do it.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children