Allowing HTTPS 443 traffic only - not working
-
So then look at your firewall log and see what's being blocked on that vlan. Are you blocking DNS as well?
But opening port 443 for HTTPS doesnt allow HTTPS websites to load (browser) or be pinged.
Ping aka ICMP:EchoRequest is not a tcp protocol and does not use port 443.
-
Well you would also need dns to be able to resolve https://www.something.com
And yeah trying to ping www.something.com not going to work either without icmp being allowed, and being able to resolve it unless your just wanting to ping the IP directly. Then you only need to allow icmp..
-
Heres a screenshot of the rules on that VLAN and yes I know some are disbaled for now but thats not the issue.
as you can see I have an allow 443 rule for the IP/alias I want to access HTTPS
image url) -
And there are ZERO hits on that current rule.. So no rule never triggered... What is in your camserv alias table? Look under diag
And I guess hitting an IP, and not trying to resolve anything. Since you are not allowing dns when you had hits on your https rule
-
@johnpoz the alias is just one single IP
when the alow all rule for that alias is enabled as it is now, HTTPS loads fine. when I disable that rule and enable the port 443 rule - HTTPS does not work
so what am I missing? Do I need to do something on the WAN?
-
Show the rule that DOES NOT work.
Show the contents of the alias.
Explain exactly where you are testing from, testing to, and exactly how you are testing.
-
well when you have an ANY rule dns works for starters ;)
-
@Derelict said in Allowing HTTPS 443 traffic only - not working:
Show the rule that DOES NOT work.
Show the contents of the alias.
Explain exactly where you are testing from, testing to, and exactly how you are testing.
The rule that does not work is shown above, its the 3rd one down.
The alias only has one IP of the same VLAN
I am testing from the IP in the alias by opening a browser and going to any HTTPS website
-
@johnpoz said in Allowing HTTPS 443 traffic only - not working:
well when you have an ANY rule dns works for starters ;)
yes the allow any rule allows https to work, but why does the 443 onlny rule not allow it to work, do I need to allow something else?
-
DNS is TCP/UDP port 53.
