User Portal not working with alternate port

Hello,

I'm trying to enable the User Portal in Sophos UTM 9.510-5. I'm new to Sophos and am in the process of setting it up in a sandbox AWS environment to be our intrusion protection system. I followed a demo by Chad Ingles on YouTube to get it configured and successfully routing traffic to our application load balancer. This configuration included setting up a virtual webserver in the Web Application Firewall section of Sophos using port 443.

Since the web app is reserving 443, I'm forced to use a different port for the User Portal. When I turn on the User Portal and try to visit the page, it eventually times out. I can't find anything useful in any of the logs. I'm assuming it's something with my NAT rules. I'm going to include screenshots below of the firewall, NAT (Masquerading) and NAT (NAT) screens.

I'm also figuring out networking as I go. I know enough to be dangerous but am certainly no expert. I'm assuming I'm just missing something simple. Any help would be greatly appreciated.

Thank you






  • Hey Nolan,

    I'm a little bit confused. User Portal is accessed via IP:Port. If you change the port, just change it at the bottom of the User Portal setup page?

    If I'm not getting your point, please correct me.

    Regards

    Jason

  • Hi Jason,

    It appears to me that it uses the 443 SSL port unless specified. I've changed it to 8443 instead of 443 since 443 is reserved for my application servers. I enabled the portal, changed the port to 8443, visited the page in a browser and it eventually times out. See images.


     



  • Hi,

    I'm sorry, you were right. IDK how that port number came to my mind; guess it's late night now, hehe. I compared my config to yours and it's exactly the same. I have no additional rules or something. The only difference is another port number on my side.

    Have to think about it..

    Regards

    Jason

  • I found it and it was for sure user error. I realized this morning the AWS security group protecting the Sophos EC2 was only allowing a few ports access. 8443 was not one of those allowed ports. Simply adding the port resolved my issue.

    Thank you for your help.

  • Hi Nolan and welcome to the UTM Community!

    Glad you got that sorted out, but a coupla comments...

    The firewall in UTM is very robust, so I always use a wide-open AWS security group.

    One should always start UTM problem solving with the approach suggested by #1 in Rulz.  Had you done that, you would have known immediately that 8443 wasn't blocked in the UTM.

    Cheers - Bob
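
The root cause found in this thread (the AWS security group in front of the UTM instance had no ingress rule for 8443) can be checked offline against the JSON printed by `aws ec2 describe-security-groups`. The following is an added example, not part of the original thread; the group ID, rules and client addresses are constructed sample data, and the helper names are hypothetical.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [{
  "GroupId": "sg-EXAMPLE",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 4444, "ToPort": 4444,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}
  ]}]}
""")


def rule_matches(perm, port, client_ip):
    """True if one ingress permission admits TCP `port` from `client_ip`.

    Only CIDR sources are evaluated; rules that reference other security
    groups or prefix lists are ignored here.
    """
    proto = perm.get("IpProtocol")
    if proto not in ("tcp", "6", "-1"):
        return False
    # "-1" means all protocols and all ports; such rules carry no port range.
    if proto != "-1" and not perm["FromPort"] <= port <= perm["ToPort"]:
        return False
    addr = ipaddress.ip_address(client_ip)
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return any(addr in ipaddress.ip_network(c) for c in cidrs)


def ingress_allows(groups, port, client_ip):
    """GroupIds whose ingress rules admit TCP `port` from `client_ip`."""
    return [g["GroupId"] for g in groups["SecurityGroups"]
            if any(rule_matches(p, port, client_ip)
                   for p in g.get("IpPermissions", []))]


def missing_ports(groups, ports, client_ip):
    """Ports from `ports` that no attached group admits from `client_ip`."""
    return [p for p in ports if not ingress_allows(groups, p, client_ip)]


if __name__ == "__main__":
    # 443 (WAF virtual webserver) is open; 8443 (User Portal) is not.
    print(missing_ports(SAMPLE, [443, 8443], "198.51.100.7"))
```

A port reported as missing here never reaches the UTM at all, which matches the symptom in the thread: a browser timeout with nothing in the UTM logs.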