Simon Allaway
asked on
SBS 2011 Securing Port 443 on firewall so only one External IP can access
Hi Guys
On scanning my public IP address I noticed that port 443 was open using port forwarding. This is obviously for owa and remote workplace etc but I was wondering if there was a way I could secure it more.
Is there away that I could say by a domain name say remote.com and then have a forwarder setup with my hosting company to my public IP address. I then could make a rule to only accept ip traffic from 1 ip address ie my hosting company and block all other access from all other traffic? I have setup my firewall to report of any DOS attacks etc and I am getting loads of them and want to make my business more secure.
Regards
Simon
On scanning my public IP address I noticed that port 443 was open using port forwarding. This is obviously for owa and remote workplace etc but I was wondering if there was a way I could secure it more.
Is there away that I could say by a domain name say remote.com and then have a forwarder setup with my hosting company to my public IP address. I then could make a rule to only accept ip traffic from 1 ip address ie my hosting company and block all other access from all other traffic? I have setup my firewall to report of any DOS attacks etc and I am getting loads of them and want to make my business more secure.
Regards
Simon
Have you considered using a VPN for your remote clients and then removing the port 443 NAT rule to stop external access?
ASKER
Yes we use VPN already but some of our external uses love the remote work place
If your VPN client connects to the router then you can still use remote work place, just connect vpn and then use the internal address used to connect to the remote workplace.
ASKER
Is there not away to do it as mentioned above?
ASKER
Is there not away to do it as mentioned above?
Another option would be to change the HTTPS port on the router to another port number.
Looking at using a https proxy server may also be an option but I think it would be difficult to maintain in my opinion.
ASKER
Sorry I have never heard of that. How does it work?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.