RVL200 SSL on different Port than 443

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by jm23hh, Jan 22, 2009.

  1. jm23hh

    jm23hh Network Guru Member

    Hi,

    we're trying to set up a RVL200 router in routed mode behind another router, which is the gateway for the network. We configured the gateway router as a forwarder for port 443 to a target server (OWA) and as a forwarder for port 444 and the RVL200 as a target for terminating some SSL-tunnels (we also tried other ports/forwardings). Of course we changed the target port in the firewall-settings of the Linksys (latest beta firmware) and configured the device for routed mode by setting a default route in the advanced routing settings. So only one LAN port is used in this setup.

    The main problem now is that the RVL simply won't listen to another port than 443 apart from the firewall settings, changing the port simply won't do anything.

    Changing the OWA port on the target server to another than 443 is no good idea either, so we have to change the port on the Linksys and got it working there because both OWA and SSL have to work on the same network.

    Any help appreciated

    Jörg
     
  2. cjgogo

    cjgogo Guest

    Having similar problems trying to use port 8443 with the latest 1.1.10.1 firmware. We are using an RV082 as the main router.

    - Changed port settings in the RVL200 to 8443, enable remote admin, disable http
    - On the RVL200, Created a static route to the RV082
    - On the RV082, port forwarded 8443 to the IP of the RVL200

    Any help would be appreciated.
     
  3. Toxic

    Toxic Administrator Staff Member

    http://www.linksysinfo.org/forums/downloads.php?do=file&id=40

    RVL200 Firmware v1.1.10.1 Release Note

    10/24/2008 (beta testing)

    Issues Fixed:
    1. SSL VPN supports Windows Vista 64-bit with Internet Explorer, but not with Firefox.
    2. SSL VPN supports MacOS X 10.5 and Intel-based Mac with Safari and Firefox.
    3. Fixed a SIP ALG issue with SIP re-invite.
    4. Fixed an issue where Diagnostics Ping from router cannot reach the router's WAN IP.

    Known Issues:
    1. Mac OS version 10.4 is known to have a image loss issue with several https servers,
    including RVL200. Images files transmitted over a SSL tunnel can be lost randomly.
    Mac OS version 10.4.8 has fixed this issue.
    2. SSL VPN does not work with Firefox on Windows 2000, 2003, and Vista.

    RVL200 Firmware v1.1.9.1 Release Note

    Issues Fixed:

    1. Fixed SIP ALG interop issue with SPA8000, i.e. not NATing and header distorted.
    2. Port for SSL VPN can be configurable on Web UI.
    3. SSL VPN and Remote Management can be managed (enabled or disabled) separately.

    Known Issues:

    1. Mac OS version 10.4 is known to have a image loss issue with several https servers, including RVL200. Images files transmitted over a SSL tunnel can be lost randomly. Mac OS version 10.4.8 has fixed this issue.

    Hope that helps.
     
  4. Toxic

    Toxic Administrator Staff Member

  5. jm23hh

    jm23hh Network Guru Member

    Thanks for your answer.

    The problem still persists. Let me explain it a little further:

    The set-up is like in your manual, except we do not have an RV082 but a Funkwerk router with NAT and port forwarding.

    RVL200 is set up like stated in your manual. We now have 3 different scenarios, which are:

    1. RVL200 with SSL-VPN enabled on port 443, Funkwerk router forwards port 443 to the RVL200 -> works, but unusable because we need 443 for OWA

    2. RVL200 with SSL-VPN enabled on port 443, Funkwerk router forwards port 444 to the RVL200's port 443 -> clients can access the portal, can click the lock, but virtual passage adapter stops dialing with an error stating the necessary port is not open

    3. RVL200 with SSL-VPN enabled on port 444, Funkwerk router forwards port 444 to the RVL200's port 444 -> RVL200 does not respond at all! No portal page, nothing!

    So it all comes down to these conclusions:

    1. Virtual passage adapter can not work over a NATed port.

    2. RVL200 can not do SSL-VPN over a different port than 443. But why can we change that port in the router?

    Any further hints would be much appreciated. Is there any way to make the RVL200 listen on another port than 443? Is there anything I need to configure in the firewall settings? I do not see any other way of getting this to work...

    Thanks in advance!
    jm
     
  6. Toxic

    Toxic Administrator Staff Member

    What version of firmware are you running, jm?

    Did you set the WAN router to DMZ for the RVL200?

    You mention you forwarded the port 444 to the RVL but not as a DMZ.
     
  7. jm23hh

    jm23hh Network Guru Member

    Thanks for your answer.

    I'm using v1.1.10.1.

    I don't have the option of setting up a DMZ on the WAN router. But since it is indeed working when using port 443 and port forwarding, why wouldn't it when using port 444? My problem is that the RVL200 just does not respond to any other port than 443. I can change the SSL port in the settings to whatever I want, it will only work with 443.

    Is that a bug in the firmware? What difference would a DMZ make when we just need one port? Forwarding that one port should be sufficient. Since it is working with port 443, it should do so with 444 as well...

    Any more ideas?

    jm
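
One way to separate "the RVL200 is not listening on the new port" from "the gateway is not forwarding it" is to probe the same port twice, once against the device's LAN address and once through the gateway. This is an added example, not part of the thread or of any Linksys tooling; the addresses are constructed placeholders and `probe` and `locate_fault` are hypothetical helper names.

```python
import socket
import ssl

def probe(host, port, timeout=3.0):
    """Return 'refused', 'no-answer', 'tcp-only' or 'tls' for host:port."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"    # host sent a reset: nothing listens on this port
    except OSError:
        return "no-answer"  # timed out or unreachable: filtered or not forwarded
    ctx = ssl.create_default_context()
    # Diagnostic only: appliance certificates are usually self-signed, so
    # verification is skipped. Do not reuse this context for real traffic.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(sock, server_hostname=host):
            return "tls"
    except OSError:
        # ssl.SSLError and handshake timeouts are OSError subclasses. A failure
        # here can also mean the device only offers protocol versions that
        # this client refuses, so treat 'tcp-only' as "open, TLS not confirmed".
        return "tcp-only"
    finally:
        sock.close()

def locate_fault(direct, via_gateway):
    """Compare a probe of the device's LAN address with one through the gateway."""
    if direct != "tls":
        return "device"      # the device itself does not serve TLS on that port
    if via_gateway != "tls":
        return "forwarder"   # device is fine on the LAN; the forwarding rule is not
    return "ok"

if __name__ == "__main__":
    DEVICE_LAN = "192.0.2.10"     # constructed placeholder: RVL200 LAN address
    GATEWAY_WAN = "198.51.100.5"  # constructed placeholder: gateway public address
    for port in (443, 444):
        direct = probe(DEVICE_LAN, port)
        outside = probe(GATEWAY_WAN, port)
        print(port, direct, outside, locate_fault(direct, outside))
```

Run the direct probe from a host on the same LAN segment as the device, and the gateway probe from outside the network, since many routers do not apply forwarding rules to connections that originate inside.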
     
