I am in the process of setting up an SA 4500. The issue I am facing is that we already have a device configured to listen on port 443. I need to set up the SA on some other port. My question: can I do this for Network Connect and WSAM using ports 1024 and above?
Hi M Rafi,
As far as I know, you cannot change the listening port for the SA. What you might try is putting a port-translating device/system in front of both (NAT 'firewall') where you configure something like:
inet -> NATting dev -> port 443 -> 1st device (e.g. corporate webserver)
inet -> NATting dev -> port 9443 -> 2nd device (e.g. SA4500)
Best of luck!
Thanks for your response. I am not sure if I can do that. So if the 443 traffic is meant for the 2nd device, how would it get to it? I mean the NATing device is monitoring if it does not get a response from the first device, then forwards it to the second one. Because the NAT device is only getting 443 traffic (meant for both devices), and even if I change the port on any of the two devices, how is the NAT device distinguishing one 443 traffic over the other? Please explain in detail if possible.
The idea is to open 2 ports outside, each one pointing to another internal device:
18.104.22.168:443 -> 192.168.1.1:443
Although this may be impractical.
What is the other 443 device? Apache webserver?
There is a possibility that I never tested:
Connect the SA to the outside world.
Put the original 443 on a separate realm located at / on the SA, and use anonymous auth.
Add the SA login under /login and use your preferred auth method.
Theoretically, this should solve your problem. Please test!