Hi M Rafi,

as far as I know you cannot change the listening port for the SA. What you might try is putting a port translating device/system in front of both (NAT 'firewall') where you configure something like:

inet -> NATting dev -> port 443 -> 1st device (e.g. corporate webserver)

inet -> NATting dev -> port 9443 -> 2nd device (e.g. SA4500)

Best of luck!

Hi Kalex,

Thanks for your response. I am not sure if I can do that. So if the 443 traffic is meant for 2nd device how would it get to it. I mean nating device is monitoring if it does not get a response from the first device, then forward it to second one. because the nat device is only getting 443 traffic ( meant for both devices) and even if I change the port on any of the two devices, how is the nat device distinguishing one 443 traffic over the other. Please explain in detail if possible,

Regards

Mazhar

Hi Mazhar,

the idea is to open 2 ports outside, each one pointing to another internal device:

1.1.1.1:443 -> 192.168.1.1:443

1.1.1.1:9443->192.168.1.2;443

Although this may be unpractical.

What is the other 443 device? Apache webserver?

There is a possibility that I never tested:

Connect the SA to the outside world.

Put the original 443 on a separate realm located at / on the SA, and use aonymous auth.

Add the SA login under /login and use your preffered auth method.

Theoretically, this should solve your problem. Please test!

Good luck.

thanks buddy,

I will try this tomorrow and will get back to you.

Rgds

Mazhar

Hi Alex,

The other 443 device is Oracle portal.

Rgds

Mazhar

Hi Mazhar,

how did it work out? Does the anon realm work?

Thanks!

If none of those work, you may need to obtain additional static IP addresses from your ISP.