DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

2830 Firware Upgrade Breaks Server SSL Forward

  • stormuk69
  • Topic Author
  • Offline
  • New Member
  • New Member
More
25 Aug 2013 13:43 #77526 by stormuk69
2830 Firware Upgrade Breaks Server SSL Forward was created by stormuk69
Upgrading to the latest firmware of: 3.6.4_sb_232201 breaks SSL Port forward.

I am not sure whether this is a new feature or it just switches it on.

After upgrading to the latest Firmware my remote email and all remote SSL features of my Server stopped working.

The Certificate was showing as invalid. Upon diagnosing further I found the external IP was stopping at the Router.

After digging deeper I noticed a section named SSL VPN. This is using port 443 and hence the reason the port forward gets stopped.

Drill down to:
SSL VPN > General Setup > SSL VPN General Setup and change this port.

Upon doing that the Remote services are now working fine once again.

This is very annoying and has wasted time trying to diagnose this issue.

When upgrading firmware nothing should change from a working system. I have been very happy with Draytek products but this kind of sloppiness isn't very good to say the least.

I hope this saves someone countless hours of pointless diagnostics.

Please Log in or Create an account to join the conversation.

More
25 Aug 2013 21:11 #77528 by babis3g
Replied by babis3g on topic Re: 2830 Firware Upgrade Breaks Server SSL Forward
Thanks for the report ... It's a new feature ... there are also few other same issues on board here
DrayTek has published a demo about SSL http://www.draytek.co.uk/support/kb/kb_sslvpn_troubleshooting.html
... and also is been a small update which it may does not solve the problem yet but has warnings (Single Band)

*Improved: Add note in System Maintenance >> Management to alert users that TCP
port 443 is occupied by SSL Tunnel service.
*Improved: Add a note to remind customers that SSL and HTTPS used the same port..


ftp://ftp.draytek.com/Vigor2830/Firmware/v3.6.4.1%20single%20band/

Please Log in or Create an account to join the conversation.

More
29 Aug 2013 22:47 #77560 by alisdair73
Replied by alisdair73 on topic Re: 2830 Firware Upgrade Breaks Server SSL Forward
Oh my god!! I can't believe I finally found this!! I have spent the last 2 weeks trying to solve the problem with our server and checking exchange etc, reconfiguring almost to the point of rebuilding our server!! We used the logging on the draytek and it showed it as passing the requests on 443, we even set it up as a dmz and it still didn't work. Finally thought of trying another router - hey presto it worked so it came back to the vigor - really disappointed this has not been made clear!

Thanks for writing your experience as this has solved the problem!

Please Log in or Create an account to join the conversation.

Moderators: Sami