Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 3 subscribers
  • Views 3590 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web server and RDP on same port 443, possible?

magnusha

My work has disabled Remote desktop connection for port 3389, but allowing port 443. How can the UTM differentiate between web traffic to my domain xxxxxx.com and remote connection on the same port? I have tried to create a virtual web server with i.e. subdomain.xxxxxx.com, but I can not connect to it. Is there any solutions on how to differensiate the traffic on the same port?



This thread was automatically locked due to age.
Parents
  • 0

    Is the UTM at home or in your office?  If in the office, can you make or request changes on it?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to magnusha

    This isn't possible as a DNAT for TCP 443 will preempt your Virtual Server on the same port (see #2 in Rulz).

    There must be some other ports they allow out.  Alternatively, you might be able to use a different port for your Virtual Server.

    If you're allowed to load the SSL VPN client on your machine, you could use Remote Access instead of a DNAT - and that would be more secure in any case.  Another secure solution would be to configure the HTML5 Remote Access method for RDP.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to magnusha

    This isn't possible as a DNAT for TCP 443 will preempt your Virtual Server on the same port (see #2 in Rulz).

    There must be some other ports they allow out.  Alternatively, you might be able to use a different port for your Virtual Server.

    If you're allowed to load the SSL VPN client on your machine, you could use Remote Access instead of a DNAT - and that would be more secure in any case.  Another secure solution would be to configure the HTML5 Remote Access method for RDP.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML