This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Setting up Remote SSL access

Hi All,
I just recently switch from pfsense to UTM 9 and was in the process of setting up remote access.

Following the remote access instruction from the sophos website "www.sophos.com/.../utm90_Remote_Access_Via_SSL_geng.pdf".

When i get to step of opening the browser to my ip, to get to the user portal.

I can any error in both firefox and explorer. "Secure connection failed. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified" I have tired to go into firefox about:config and set the fallback host option to the same ip, but that doesn't work either.

This thread was automatically locked due to age.

0 TheDrew over 9 years ago

By default the User Portal uses a self-signed SSL certificate which will cause an error as you described. All you have to do is accept the certificate and indicate to FF or IE that the cert is trusted.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 9 years ago

Hi, and welcome to the User BB!

Did you follow The Zeroeth Rule in Rulz?

Cheers - Bob
PS Hey Drew!

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel
0 Scott_Klassen over 9 years ago

Hard to say without knowing the exact settings you've configured.

I'm assuming that you're trying to reach the user portal over the VPN and not a direct WAN connection. If this is the case, are you allowing the correct network at Management > User Portal > Global? Also, are you testing this from upstream of the WAN interface and not from a workstation on the LAN behind the UTM? Have you trusted the SSL certificate in your browser?

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 afall over 9 years ago

In the old firefox version i was able to just accept the certificate and continue. But in the new version of firefox 40, there is not that option anymore. Try going to it from IE, i get an error message i have to run on TLS 1.0,1.1,1.2 etc.. When i check in the setting those are already on by default.

Scott,
I am trying to reach the user portal from a direct WAN connection upstream of the wan interface.
Cancel
Vote Up 0 Vote Down

Cancel
0 Scott_Klassen over 9 years ago

You may need to import the certificate. In FF40, this can be found at Options>Advanced>Certificates.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 afall over 9 years ago

I found out my problem. It turn out i had to turn on the user portal option under management. Those messages in FF and IE were red herring. Thank you for all the help up to now.
Cancel
Vote Up 0 Vote Down

Cancel
0 Scott_Klassen over 9 years ago

Glad you found it.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel