Results 1 to 4 of 4
  1. #1
    Untanglit
    Join Date
    Jun 2020
    Posts
    23

    Default HTTPS is blocked even with Port Forward enabled... 'filter_blocked'

    Hi all,

    So, I have a peculiar situation here.
    I try to have port 80 and 443 forwarded to an internal server.

    So, I went to Settings -> Network -> Port Forward Rules.
    added....
    Enable = True
    Description = Webserver
    Destined Local IS true
    Protocol IS TCP, UDP
    Destination Port IS 80,443
    New Destination (local IP of Webserver)
    New Port = blanc

    Traffic on port 80 is forwarded.
    Traffic on port 443 never gets to the server.

    Looking in the Reports at Network -> Blocked Sessions I find:
    client xxxx (my mobile on 4G), server yyyy (my WAN address), Server port 443, Filter Prefix 'filter_blocked'

    Details about this say:
    Event: Interface External, Entitled = true, Filter Prefix = filter_blocked, Default policy, Protocol TCP
    Blocked and Flagged by App Control, Bandwidth, Firewall, Threat Prevention say al 'False'

    Where does it go wrong??

    ps.
    I have added the same way of rule for my openvpn and for 2 ftp's (with a source address) and they both work.
    Last edited by HellStorm666; 06-05-2020 at 01:50 PM.

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,195

    Default

    Have you moved the GUI ports?

    service-ports.jpg
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untanglit
    Join Date
    Jun 2020
    Posts
    23

    Default

    EDIT:
    Finally found it.
    Sooooo stupid ....

    Config -> Network -> Service has HTTPS at 443.
    This is for Untangle itselve on ALL interfaces, so also the WAN (Who wants that??)

    And thus, I can't use 443 again.
    Now pushed that to 444 and the port forward rule works.

    Is there a way to have the Local Service work on ALL but WAN?

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,195

    Default

    Quote Originally Posted by HellStorm666 View Post
    Is there a way to have the Local Service work on ALL but WAN?
    Nope. Access per interface is controlled with the access rules. Generally we recommend (default) not having the GUI open on the WAN.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2