This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Custom HTTPS port not showing up in URL

I am trying to publish an internal web server over the WAF. The setup is as follows:

  • Internal name: server.company.local , reachable via Port 8089.
  • External name: server.company.com (I have a public DNS record pointing to my static public ip).
  • I've created a real webserver with the internal hostname / IP as the host, Type: HTTP and port 8089.
  • I've created a virtual webserver with type: 'HTTPS & Redirect', port 8089 and a valid letsencrypt certificate for the public name.

I can access the website and login, so that worked. The first problem was that any link on the website pointed to the internal hostname. I resolved this by activating "Pass host header" in the virtual webserver. Now the links point to the correct hostname but the custom port (8089) is missing so when I click on a link it tries to establish the connection via port 443. What am I missing?



This thread was automatically locked due to age.
Parents
  • UTM/SG don't support rewriting URL this way ... as i know.

    i would try to use Port 443 for Virtual webserver (if not used already).

     


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • I already use Port 443 for Exchange services and only have one public IP address, so I'm guessing the only other option here is DNAT?

  • It shouldn't be a problem having more than one server listening on the external 443 port. The mapping is done by WAF based on the certificate and the real server.
    I host several external domains all resolving to one IP / port 443
    Internally they are mapped to ports 8281, 8282 etc.

    Grtz, Peter-Paul

     
    SFVH (SFOS 20.0.0 GA-Build222) - Last (re)boot on November 6th  2023
    Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports
    [If any of my posts are helpful to you please use the 'Verify Answer' link]
Reply
  • It shouldn't be a problem having more than one server listening on the external 443 port. The mapping is done by WAF based on the certificate and the real server.
    I host several external domains all resolving to one IP / port 443
    Internally they are mapped to ports 8281, 8282 etc.

    Grtz, Peter-Paul

     
    SFVH (SFOS 20.0.0 GA-Build222) - Last (re)boot on November 6th  2023
    Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports
    [If any of my posts are helpful to you please use the 'Verify Answer' link]
Children
No Data