This article provides instruction on how to change the SSL VPN Server port so it does not conflict with the WebUI management port. The security gateway, ZyWALL or USG series, must be running firmware version 4.64 or later to have this option.
Changing SSL VPN Server Port
To change the server port please go to menu, Configuration → VPN → SSL VPN and click on the Global Setting tab. From this menu you will see the option to change the "SSL VPN Server Port".
The next step after changing the management port is to create an address object for the new service. Go to menu, Configuration → Object → Service and click the Add button to insert a new service object for the SSL VPN Server Port.
- Name - Provide a name for the service object.
- IP Protocol - Select "TCP" from the dropdown menu.
- Starting Port - Type in the SSL VPN Server Port number.
- Ending Port - Leave empty or enter the SSL VPN Server Port number.
- Click OK to create the object.
To allow remote users to establish an SSL VPN connection to the newly configured port we now need to create an ACL rule to allow the traffic. Go to menu, Configuration → Security Policy → Policy Control and click the Add button to insert a rule.
- Make sure the "Enable" checkbox is marked.
- Name - Provide a name for the rule.
- From - Select the external zone, WAN.
- To - Select the hardware appliance, ZyWALL.
- Service - Select the service object that was created for the new SSL VPN Server Port.
- Action - Set the rule to "ALLOW" the traffic.
- Click the OK button to save the settings.