How to configure F-Secure Policy Manager Server to listen on multiple TCP ports for HTTPS traffic

Issue:

In default configuration, Policy Manager Server listens to HTTPS traffic on port 443. However, if there is a requirement for changing this port, clients connected to the Policy Manager may end up in state where they are no longer able to communicate with the server.

Resolution:

This article describes, how to configure port forwarding on the server running windows. Effectively, this allows the Policy Manager Server to listen to multiple TCP ports.

To accomplish this, we use "Netsh interface portproxy " documented here.

Also ensure, the correct listening port is provided in the Policy Manager policy.

The following command forwards TCP port traffic from port 443 to port 444. (Note: PMS=Policy Manager Server):


C:> netsh interface portproxy add v4tov4 listenaddress=<insert PMS IP address> listenport=443 connectaddress=<insert PMS IP address> connectport=444

To print the current settings:

```
C:> netsh interface portproxy show all
```

To remove the netsh portproxy forward from port 443 to 444:


C:> netsh interface portproxy delete v4tov4 listenport=443 listenaddress=<insert PMS IP address>

Remember to ensure, all configured TCP ports are open in the windows firewall on the server hosting PMS.

Article no: 000027641