VPN without open HTTPS port

CIppalipa
CIppalipa Posts: 2
First Anniversary Friend Collector First Comment
edited April 2021 in Security
It's possible ? I have a USG210. I have configured a vpn (SSL that works fine) but I would like the initial page, my zyxel login, to not be shown to anyone who reaches my public ip.
I'm not talking about changing port 443 to another. I simply speak of having access to the vpn only through the Secuextender client and port 443 closed.
I don't want anyone in the world to see my zyxel home page and try a brute force of user and password.
I hope I explained myself. Thanks.

All Replies

  • alehzn
    alehzn Posts: 37  Freshman Member
    First Anniversary Friend Collector First Comment
    Hi.

    I had the same challange and did not find any possiblities to do so except to enable client certificate authentication for the log in page (System - WWW).

    Hope that helps.
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @CIppalipa & @alehzn
    Regarding to this case,
    you can create the profile on service control to prohibit remote user who try a brute force of user and password.
    Go to Configuration>System>WWW>Service Control>Click Add on Admin Service Control and user can not login via Wan IP address.

    Charlie
  • @CIppalipa & @alehzn
    Regarding to this case,
    you can create the profile on service control to prohibit remote user who try a brute force of user and password.
    Go to Configuration>System>WWW>Service Control>Click Add on Admin Service Control and user can not login via Wan IP address.

    Charlie
    Great. Simple and useful. Thanks

Security Highlight