Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

How To change the default port for SSL VPN Portal access

By default, the SA500 series appliances use port 443 to establish SSL VPN connections. The following steps walk you through configuring the SA500 appliance to use a port other than 443 for SSL VPN portal access.

Prerequisite:

  • SSL VPN user accounts created
  • Authentication method has been applied to the router for SSL access.

Creating the Service: Custom Services

First we need to define a Custom Service for the port we will use for SSL VPN portal access. This example uses port 60444.

  • Log into router and select the “Firewall” tab, then select the “Services” and click “Add
  • Add the service as shown:     
    • Name: This will be the name of the  *The port number just needs to be above 1024 not necessarily what is shown
    • Type: TCP
    • Start Port: 60444
    • Finish Port: 60444
  • Be sure to hit 'Apply' before proceeding to the next step.

sslvpn_01.PNG

Port Translation: Create IPv4 Firewall Rule

Next we are able to create the IPV4 Firewall rule to allow SSL VPN access via port 60444.

  • Service - This will be the Custom Service you created in the first step Action - ALLOW
  • Service Hosts - Any (You may also define a host or range of hosts)
  • Log - Never is the default value for this option
  • Internal IP Address - This will be theLAN IP address of the SA500 series device
  • Enable Port Forwarding - Check the checkbox to enable
  • Translate Port Number - This will be port 443
  • External IP Address - Dedicated WAN
  • Be sure to hit 'Apply' before proceeding to the next step.

sslvpn_02.PNG

As a final step, verify the IPv4 Rule is correct. A screenshot of the rule we created is below:

sslvpn_03.PNG

The rule reads: Always allow inbound requests to port 60444 from any WAN Host. Translate the the request to port 443 and send it to Any LAN host. Never log these actions.

Version history
Revision #:
1 of 1
Last update:
‎10-05-2010 06:18 AM
Updated by:
 
Labels (1)