Access Control Settings: HTTPS Ports

HTTP > Configuration > Internet Access Control | HTTPS Ports

[Not available in the Bridge and ICAP modes]

Use this page to specify to which ports IWSVA will allow HTTPS tunneling. All HTTPS CONNECT requests to ports that are not explicitly listed here are denied.

Unlike with other IWSVA priorities (rules are evaluated according to priority; the first rule that matches will be applied and the others ignored), all the rules that appear in this list will be applied. Rules are evaluated from the bottom of the list to the top. As such, the first rule is the default rule; it is evaluated last.

If the list is empty, by default, only ports 443 and 563 are allowed.

• Note: To allow HTTPS connections to the IWSVA console, create a rule as follows:
  
  allow 8443

For example, the following rules and their order can be interpreted as follows:

1. deny all—IWSVA closes all ports on the server

2. allow 443—IWSVA opens port 443 (overrides rule 1)

3. allow 563—IWSVA opens port 563 (overrides rule 1)

4. deny 443—a mistake, but IWSVA will again deny access port 443 (overrides rule 2; agrees with, but nonetheless overrides, rule 1)

Top set the access control for HTTPS ports:

1. Select Allow or Deny. (Default is Deny.)

2. Select All ports, Port and Port Number, or Port range.

3. Type a descriptive name in the Description field. (40 characters maximum)

4. Click Add.

See also:

• Redirect Clients to DCS When IWSVA is using HTTPS