I've got SSTP VPN server running on ros5.11, been working fine for months now. Question is can I run a webserver behind the router which also uses TCP port 443? They want to fight each other.
Here are my firewall/NAT rules:
20 ;;; Allow SSL to webserver
chain=forward action=accept protocol=tcp in-interface=ether1-WAN1 dst-port=443
27 ;;; Allow SSTP VPN
chain=input action=accept protocol=tcp in-interface=ether1-WAN1 dst-port=443
;;; SSL to webserver
chain=dstnat action=dst-nat to-addresses=192.168.1.2 to-ports=443 protocol=tcp in-interface=ether1-WAN1 dst-port=443
Re: SSTP and HTTPS
Move SSTP server to other port, for example 444
Re: SSTP and HTTPS
Can't do that the SSTP client software is "hard-coded" to run through port 443.
Re: SSTP and HTTPS
spotts78
Get the second IP from ISP.
Get the second IP from ISP.
Re: SSTP and HTTPS
Getting another IP from my ISP isn't really an option. Guess I'm just stuck...
Re: SSTP and HTTPS
Hi!
That`s a problem by design. You can't assign a port to two applications on on IP.
Stril
That`s a problem by design. You can't assign a port to two applications on on IP.
Stril
Re: SSTP and HTTPS
I'm stupid!
Changed to SSTP listening port in mikrotik to 4430 then in the VPN setup on Windows 7 you can specify a port number in the server address ex: vpnserver.domain.com:4430
Works fine now. Thanks for all the responses and making me think!
Changed to SSTP listening port in mikrotik to 4430 then in the VPN setup on Windows 7 you can specify a port number in the server address ex: vpnserver.domain.com:4430
Works fine now. Thanks for all the responses and making me think!
Re: SSTP and HTTPS
If I change the port in the SSTP server, the contents will continue encrypted?Move SSTP server to other port, for example 444
Re: SSTP and HTTPS
Encryption does not rely on the port number.