- NG Firewall firmware versions 4.2.x, 5.0.x, 5.2.x
- netfence firmware versions 4.2.x
"Firewall Authentication" over HTTPS does not work. The browser does not prompt the user for a login as expected. The firewall access cache gives no indication that the local redirect is responsible for this behaviour. Instead, the local inbound rule "OP-SRV-VPN" seems to be responsible for the malfunction.
Most likely, another process is already bound to the default SSL port 443 on the "Virtual Server IP" and is thus preventing "Firewall Authentication".
When SSLVPN is configured, the VPN Server, for example, listens for an SSL handshake on port 443 by default. If you are operating a VPN server, check whether it is already bound to port 443. To do so, select Control from the box menu, open the Processes tab and double-click the vpnserver process. An informational window opens that contains, among other things, data about listening sockets, e.g.
If "Firewall Authentication" is to be used, the "VPN Service" binding to port 443 has to be disabled. Proceed as follows:
1. Browse to "Config" > "Box" > "Virtual Servers" > "<Servername>" > "Affected Services" > "<Servicename>" > "VPN Settings" > "Click here for Server Settings"
2. Set parameter "Use port 443" in the Server Configuration section to "No".
3. Restart the VPN Server service to release the VPN Server binding on port 443.
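The same check can be made outside the GUI, before and after the restart in step 3. The following is an added example, not part of the original article or of the vendor's tooling: it assumes shell access to a Linux host where `ss -H -ltnp` is available, and every address, PID and process name in the sample other than vpnserver is constructed.

```python
import re

# Constructed sample of `ss -H -ltnp` output (not captured from a real box).
SAMPLE_SS = """\
LISTEN 0 128 192.0.2.10:443 0.0.0.0:* users:(("vpnserver",pid=2114,fd=7))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=801,fd=3))
LISTEN 0 128 192.0.2.20:443 0.0.0.0:* users:(("httpd",pid=950,fd=4))
LISTEN 0 128 127.0.0.1:8443 0.0.0.0:* users:(("mgmt",pid=1200,fd=5))
"""

PROC_RE = re.compile(r'\("([^"]+)",pid=(\d+)')
# Wildcard listeners that also cover every local IPv4 address.
WILDCARDS = {"0.0.0.0", "*"}


def parse_listeners(ss_output):
    """Yield (address, port, [(process, pid), ...]) for each LISTEN line."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue
        procs = [(n, int(p)) for n, p in PROC_RE.findall(" ".join(fields[5:]))]
        # Without root, ss omits the users:(...) column; keep the socket anyway.
        yield addr, int(port), procs or [("unknown", 0)]


def holders(ss_output, ip, port=443):
    """Return processes whose listener would block a new bind on ip:port.

    A listener conflicts if it uses the same port and is bound either to
    the same address or to a wildcard address.
    """
    found = []
    for addr, lport, procs in parse_listeners(ss_output):
        if lport == port and (addr == ip or addr in WILDCARDS):
            found.extend((name, pid, f"{addr}:{lport}") for name, pid in procs)
    return found


if __name__ == "__main__":
    # 192.0.2.10 stands in for the Virtual Server IP (assumption).
    for name, pid, sock in holders(SAMPLE_SS, "192.0.2.10"):
        print(f"{sock} is held by {name} (pid {pid})")
```

An empty result for the Virtual Server IP after the restart means the binding on port 443 has been released.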