SSL VPN built, SecurExtender app in use OK. How to turn OFF the Login Screen available via WAN IP?
I've built an SSL VPN configuration in my USG20W-VPN router, created 2 users & needed objects/services. Downloaded/installed SecurExtender on the remote PC's & laptops. I now want to turn OFF the router login screen that is available to everyone/everywhere via an HTTPS browser session to the WAN IP address. I'm told that port 443 (HTTPS port) must be open to allow the SSL VPN to work. Is this true even AFTER SecurExtender app installed and working OK? Please advise. Seems VERY stupid to leave a full router login screen open to the Internet protected only by the login password...... HELP!
All Replies
-
Hi @BBSBassman
Welcome to Zyxel Community 😁
That’s true, the SecuExtender base on that to establish connection.
If you turn off the www https port, the SecuExtender is unable to establish connection.
For client to site VPN connection, you also can use other method to connect USG. E.g. L2TP or ZyWall IPSec VPN client, in this way, you can turn off the https Web GUI access from WAN.
0 -
You could mitigate this problem by changing the access port to another, not well-known port. The changed port will apply to the https login as well as the SecuExtender connect port.
Further you could set the access permissions for all of your single zones. Finally the login screen will still appear but the login fails in any way.
1
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight