Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 10708 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

User Portal - Change External IP Address? "You cannot update the default Admin Console Port as it is used in Business Application Policy"

AllanD

Is there a way to have the external portal use a different IP address then the default WAN address?  For example we currently have a block of 5 external IP's that are for example 200.2.2.1 through 200.2.2.5.  Port 2 WAN is setup as 200.200.200.1 then there are four aliases for .2 - .5.  I have Outlook web access and mobile access both coming in 200.2.2.1 and that's manually setup on 100+ cell phones.  However I cannot enable the user portal on port 443 because it conflicts with this and give the error "You cannot update the default Admin Console Port as it is used in Business Application Policy".  Is there a way to switch the user portal to one of the aliases addresses (200.2.2.5 for example) or do I have to switch my Outlook rules to a different IP along with all the phones?

 

-Allan



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to lferrara

    Yeah....that doesn't make sense.  What makes even less sense is I have SSL websites tied to the aliases (.2, .3, and .4) currently which also are all in the WAN zone.  It just is picking up the first available WAN zone IP instead of letting me choose.  I added my vote to that feature request but I plan on going live with this device in the next couple weeks so looks like I'll be updating DNS and moving things around.

     

  • 0 in reply to lferrara

    Side note to the above.  I've been searching but I can't find a way to do what I want within the sophos.  Can I make some type of rule that redirects say "http://portal.mydomain.com" to "https://portal.mydomain.com:4443" so I can use a custom port easily?  If not I guess I can add a site to IIS that does a redirect to that.  This way I can use a custom port but my users don't have to remember it or type in anything extra.  I also won't have to update cell phones with the new address.

     

    -Allan

  • 0 in reply to AllanD

    Allan,

    you should ask the question on a new thread.

    Anyway you can publish services on one port and do port translation on the DNAT/WAF to 443 ports.

    For example you publish a web server on 4443 but translate the port to 443. In this way on the server itself you do not need to change anything.

    Regards,