Access Untangle and Provide external 443 access

[rsm]

Hi - I have a simple issue. I would like to access the untangle configuration page only from the internal interface using https: and port 443. I would also like to port forward port 443 from the external interface to an internal web server. I can get either to work but not at the same time. For my external port forward to work, I have to change the untangle page to something aside from 443. Is there any way to get this to work? Thanks!

Bob

[donhwyo]

Welcome to the forum.
Change the Untangle https port to something other than 443.

Untangleip/admin/index.do#config/network/services

[jcoffin]

It's not port forward but access. In Config -> Network -> Advanced -> Access. You can enabled HTTPS from WAN to access the GUi from the WAN IP. I do not recommend enabling this since it provides a vector into gain access your firewall.

[sky-knight]

The access rule enables or disables HTTPs access regardless of what the service port is. I do NOT recommend using the default HTTPs on WANs rule as it opens things up to everywhere. You can however use a copy of that rule to add source address and create a whitelist of authorized IP addresses relatively safely. Note, the destination port will ALWAYS be TCP 443 regardless of what you do on the services tab.

Then there's the services tab, which lets you move HTTPs off TCP 443. You have to do this if you want to forward TCP 443 to another web server behind Untangle. This is TCP/IP 101, you cannot duplicate ports! TCP 443 is in use on ALL Untangle interfaces until you change the service to another port, and because it's in use, the forward won't work!

[dashpuppy]

It's not port forward but access. In Config -> Network -> Advanced -> Access. You can enabled HTTPS from WAN to access the GUi from the WAN IP. I do not recommend enabling this since it provides a vector into gain access your firewall.

Highly Recommending using the untangle.com/cmd with 2FA enabled.