and Portforwarding 443 (NAT)

SG 125 UTM9


we use a transparent proxy with an authentication against LDAP. If an user enter an URL, he will redirect to and has to login.
Because SSL-certificate-problems with iOS-Devices we change this URL to our own domain and give them a public IP. Now appears, for a login. Thats fine. We cannot add the UTM-certificate, because the mobiles are private.

Now we want to use the same public IP-address and Port 443 for an internal Webserver and forward this IP/Port via NAT. 
Result: The address will forwarded to the webserver and the login page not appears.

Does anyone have an idea to make both work?
Thank you Heiko.

Parents Reply
  • We use the same construct for our Exchange OWA.

    I just run multiple LE Certificates. One that resides on the UTM updating there and one on the Exchange Server. Both are totally seperate.

    UTM Connects to Exchange just fine.

    From the End User point of view, unless they know how to check certificate serial numbers both are undistinguishable.

No Data