Published on January 20th, 2014 | by Jamie1
Draytek 2830N blocking HTTPS port 443 traffic – Fixed
Every now and then at work I come across something that stumps quite a few of our engineers. Recently this was the case when we couldn’t get a Draytek firewall to port forward 443 traffic to a client’s server. Such work usually takes 5 minutes, but this took hours to get to the bottom of, so I thought I’d share the resolution with our readers, especially as this could occur if someone upgraded the firmware on their 2830N or other Vigor firewall / router.
The scenario was simple: a client upgraded their server to Windows Server 2012 and in turn decided to upgrade their firewall. With the old firewall in place things were working fine, but when we swapped it out for the DrayTek Vigor 2830N and configured the firewall rules accordingly, we just couldn’t get HTTPS access on port 443 from the outside world.
We changed the external port to 444 as a test and it worked, but that was an imperfect and slightly messy workaround, and as soon as we changed it back to 443 it instantly failed. After some help from colleagues and speaking to our friend Google, we stumbled upon this gem of a blog post.
It seems the guy who wrote this had experienced the exact same issue as us. Basically, certain firmware versions allow you to set up all the HTTPS rules you want without mentioning that the firewall is actually using this port itself for SSL VPN traffic and/or remote management of the Draytek. The two screenshots below show you what needs to be changed. Sorry for the poor image quality; we took the images from the Draytek website.
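A quick way to confirm which device is answering on 443 is to compare the TLS certificate seen from outside with the one the server presents on the LAN. The script below is an added example, not part of the original post; the function names and result labels are hypothetical, and it assumes the internal server and the router's own HTTPS service use different certificates.

```python
import hashlib
import socket
import ssl
import sys


def leaf_fingerprint(host, port=443, timeout=5.0):
    """SHA-256 hex digest of the certificate presented at host:port,
    or None if no TLS handshake completes."""
    ctx = ssl.create_default_context()
    # Validation is off on purpose: the goal is to identify the responder,
    # not to trust it. Do not reuse this context for real traffic.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                der = tls.getpeercert(binary_form=True)
    except OSError:  # refused, timed out, or handshake failure
        return None
    return hashlib.sha256(der).hexdigest() if der else None


def diagnose(observed, expected):
    """Compare the fingerprint seen on the WAN side with the server's own."""
    if observed is None:
        return "no-tls-answer"    # nothing completes a handshake on that port
    if observed.lower() == expected.lower():
        return "forwarded"        # the port forward reaches the server
    return "other-responder"      # some other service owns the port


if __name__ == "__main__":
    # Step 1 (inside the LAN):   python check443.py <server LAN address>
    # Step 2 (outside the LAN):  python check443.py <WAN address> <fingerprint from step 1>
    if len(sys.argv) < 2:
        sys.exit("usage: check443.py HOST [EXPECTED_SHA256]")
    fp = leaf_fingerprint(sys.argv[1])
    print(sys.argv[1], fp)
    if len(sys.argv) > 2:
        print(diagnose(fp, sys.argv[2]))
```

A result of `other-responder` on the WAN address means the forward rule is not what is handling port 443, which matches the behaviour described above.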
I hope this helps you get around this annoyance.