Flex 200 and public web server

CRP0499 · May 2023

I have a new Flex 200 and it's all set up and configured. I have NAT/Sec Policies for SIP and SSH working as expected, but I can't get Remote Desktop Services and a WEB server accessible from the outside. Note - the RDS is coming in on a different public IP than the web server so I have NAT policies for each of the two IPs sending that traffic to their respective private servers.

I created address objects and wrote NAT policies and Security Policies for the WEB server and I can't access it externally.

The Flex is managed on 8443 so I don't think that's my issue. I'm getting a

Match default rule, DNAT Packet, DROP

error in the log. It's for a Security Policy so I'm thinking I'm missing something in the sec pol, but I can't figure out what it is.

Anyone have any ideas?

Thanks

New INFO: If I switch the default rule to allow, I get an error that I've exposed the mgt interface and the SSLVPN to access from the internet so I'm pretty sure it has something to do with that.

PeterUK · May 2023

Maybe you need to change the SSLVPN port too? VPN > SSL VPN > Global setting tab

you then need Policy Control from WAN to LAN

PeterUK · May 2023

Maybe you need to change the SSLVPN port too? VPN > SSL VPN > Global setting tab

you then need Policy Control from WAN to LAN

CRP0499 · May 2023

SSLVPN is already set to 9443 and I do have a policy set to allow https traffic on the public IP directed to the web server.

CRP0499 · May 2023

I added the WAN to LAN1 policy and it's working. Thank you.

Flex 200 and public web server

Accepted Solution

All Replies

Categories

Security Highlight

Security Help Center