Solved

Is there a way to forward Port 443 SSL to more than one device on a Symantec Gateway 320 Firewall?

Posted on 2008-10-28
4
617 Views
Last Modified: 2012-05-05
What do you do with this firewall if you have to assign a port forwarding rule to more than one host/server? It doesn't seem possible. I get "service may not be enabled for more than one rule". There must be a workaround... anyone have any suggestions?

Specifically, I want to leave Outlook Web Access/Exchange running on port 443 but also would like to host a VPN concentrator using the same port. Am I just out of luck with this firewall?

0
Comment
Question by:philodendrin
  • 3
4 Comments
 
LVL 4

Accepted Solution

by:
Kaddict earned 500 total points
ID: 22828527
From what I know, trying to forward a port to two computer is trying to send a tennis ball to two different players in two different directions... sounds quite impossible.

sorry if I'm right

-kaddict
0
 
LVL 4

Expert Comment

by:Kaddict
ID: 22828536
If anyone else could confirm that it is completely impossible, I'd be happy

Of course you could have two servers running on your LAN and listening on 443, but on the Internet side, both will not be able to be accessible thru 443. You need to bind for example (443 from internet) to (443 on the Web server) and (444 from internet) to (443 on the router which needs the 443 port)

hope it helps,

kaddict
0
 

Author Comment

by:philodendrin
ID: 22836996
That is what I assumed as well.

I think, in theory, the way to do this would be to have a separate public IP address point to either OWA or the VPN concentrator. In other words, use more than one Static IP and firewall. But I'm very fuzzy on how to put this into practice... wouldn't I need a second NIC in the mail server going to a separate firewall or one dual WAN firewall? Or, the VPN concentrator on a separate public IP?... but, from there I don't know how I'd link the device to the local LAN.

A little more background... What we have now is a T-1 with multiple static IP addresses. We're only using one IP  on our Symantec firewall for PPTP VPN (configured on a Windows 2003 file Server) and OWA (on a separate Exchange 2003 server) . What the client wants is a device that will allow them to connect remotely without having to configure VPN - so, some sort of clientless VPN device like the Netgear SSL312 VPN Concentrator. My problem is that I'm unsure how to integrate it into the existing LAN without stepping on OWA and Windows Mobile... since it'll want to use port 443.  


0
 
LVL 4

Expert Comment

by:Kaddict
ID: 22837720
True. more than 1 public IP, and a lot of work could make this possible :)

Good luck!

-kaddict
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SonicWall Pro 300 Firmware 2 91
clean-up rule netscreen firewall 3 84
Network Infrastructure for Branch Office 16 91
E-mail alerts from Cisco ASA Firepower 3 48
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now