Can the SSL-VPN/Virtual Office Login Page be disabled

Q_Mark

Is there a way to stop this page from loading on the public IP of our SonicWall TZ570?

http://publicipaddress:80/sonicui/7/sslvpn-portal/

We are not using the built in SSL-VPN service or Virtual Office bookmarks and this URL triggers a warning for our cyber insurance provider.

BWC

@Q_Mark disable "Add rule to enable redirect from HTTP to HTTPS" on all of your WAN Interfaces and they should not complain any longer about Port 80. I strongly recommend to avoid having this option enabled, which is IMHO the default setting.

--Michael@BWC

preston

Hi @Q_Mark , in the latest version of firmware (7.0.1-5145-R5175) there is an option added to the portal page specifically for this

Q_Mark

Sorry didn't mean to click on both for correct answer. I am updating the firmware, thanks for pointing that out.

BWC

@Q_Mark no worries, it depends what the auditor is complaining about. Is it just because of Port 80, then my solution is the way to go. Is it about the Virtual Office than Prestons way is the right one, if you don't need SSL-VPN at all just disable it on the WAN interfaces.

--Michael@BWC

Q_Mark

Update - After updating the firmware and enabling the new Disable Virtual Office on non-Lan interfaces the Virtual Office login page was still loading on the WAN interface.

What finally resolved this for me was I noticed a WAN to WAN policy that allowed HTTP traffic on the WAN interface.

I had left this rule with default settings as I had selected for HTTP to be redirected to HTTPS in the WAN interface settings.

After limiting the Source address to certain public IPs the Virtual Office login page on port 80 is no longer open to the public.