Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 1788 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSLVPN Clientless and FAT Client trough Port 443 possible ?

ChrisGER

Hello Commnity,
i'm using an XG firewall (SFOS 17.5.1 MR-1) for quite some time now. The firewall itself works reliably, but regarding SSLVPN connections from the extranet i haven't found any info for my request yet.
 
Requirement
Can the User Portal and the SSLVPN Client Software both communication trough Port 443 or is this not possible?
my previous NGFW use for both SSLVPN (Clientless) and SSLVPN (Client Software) Port 443 and do not required different ports - as is configured by default on my XG firewall?
 
Background
several Hotspots, they are not supporting IPSEC connectivity (public hotspots) are not blocking pure TLS connections trhough Port 443, but 8443 is a non standard and blocked by default during my last public hotspot tests.
 
Would be happy about your feedback, possible experiences with it and thank you in advance.
 
Regards
Chris



This thread was automatically locked due to age.
Parents
  • 0

    Hi Chris,

    your terminology is a bit confusing, hotspots are usually wifi and I do not understand how you can connect to remote hotspots from your XG? Or are you saying that your are trying to connect to the XG from public wifi hotspots?

    Do you have block unrecognised SSL ticked in web -> General -> https decryption and scanning?

    Ian

Reply
  • 0

    Hi Chris,

    your terminology is a bit confusing, hotspots are usually wifi and I do not understand how you can connect to remote hotspots from your XG? Or are you saying that your are trying to connect to the XG from public wifi hotspots?

    Do you have block unrecognised SSL ticked in web -> General -> https decryption and scanning?

    Ian

Children
  • 0 in reply to rfcat_vk

    Hi rfcat_vk,
    as it comes across as confusing forever, here's the whole thing in more detail.

    - the Web Interface (Clientless) VPN Access is enabled on the XG and working for users that are comeing from the extranet site.
    - the FAT Client (SSLVPN Client) is normaly talking to port 8443 to get connected (from the extranet to the XG WAN interfac).
     
    If you are located in a Hotspot (e.g. Starbucks -> outside your LAN) you are not able to use normaly port 8443 to get connected with XG Firewall successful (free hotspots).

    That's why i'm asking about the possibility to use 443 for Clientless and SSLVPN (FAT) clients together.


    Thx and best regards
    Chris

     

     




     

     

  • +1 in reply to ChrisGER

    XG supports Port Sharing between SSLVPN and User Portal (Which is kinda HTML5 VPN).

    So you should be able to set both ports to 443 and it should work. 

     

  • 0 in reply to LuCar Toni

    short reply - it's working fine

    thx for support
    Chris