Mobile SSL VPN & SNAT
Hello.
I've got a question for setup a mobile SSL VPN to you. When I configure my firebox for SSL VPN I've got an error that the primary and backup ip address can't be used for SSL VPN because there are policies using SNAT from external. Must I have a "free" external ip address here, or are there other methods for this config?
Thanks in advance for your answers.
Regards
Dirk Emmermacher
0
Sign In to comment.
Comments
Yes you need a public IP addr for which HTTPS is not currently being used or you can change the port being used by SSLVPN to something other then TCP 443
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/mvpn/ssl/configure_fb_for_mvpn_ssl_c.html?Highlight=sslvpn port#Advanced
Hello Bruce.
Thanks for the link. I will check it next days. It will be a little work to free on ip address.
Regards
Dirk
Try using 443 UDP vs. TCP
Gregg Hill