Tuesday, March 20, 2012

SPLAT WebUI port customization with R75

One of my favorite commands on SPLAT is webui. It allows you to set WEbUI on a custom port, if you like. For example, to set it on port 4434 you just need to run the following: webui enable 4434

But be careful, with R75 and up the behavior has been changed. Even if you set it up on a custom port as described above, it will get back to default 443 after reboot.

This is quite annoying, especially if you have Mobile Access Blade with SSL portal running on your GW. But no worries, there is another place, rather unusual, where you can set it up right.

For your R75 and R75.X objects, go to SmartDashboard, then double click to the managed object and choose SecurePlatform tab.

In the "Main URL" field add your port, as shown on the picture above. Push policy, now it is all good.


  1. Thanks Valeri,

    But, what about a cluster with 2 members in Load Sharing Mode or High Availability? On Dashboard you have SecurePlatform only for the cluster...How can I use the two Gateways?


  2. Hi Ivo!

    The setting will be applied to all cluster members. I have actually had it set for a cluster.

    1. Ok, let me try but on the main URL I have to define the IP of each member? Imagine I have two members with one management IP without VIP, on the main URL can I put any IP?


  3. Oh, i see the confusion now.

    It is a single URL with VIP in it. But the result will be WebUI listening on specified port, effective for the physical addresses as well, and this is what we need.

  4. I think, in case of cluster the setting should be defined on nodes, not the cluster itself. The webui port is related to administration not to a service provided, so vIP is somewhat misleading here. Ability to upload SSL certificates for webui separately also would be nice to have. As we connect to nodes, not to cluster in this case.

    Hope the vendor will change the GUI here.

  5. I recently installed an R75.20 Splat FW and despite what the NAT and Security policy specify (including what you have in this blog post)the FW OS is still intercepting all port 80 and 443 traffic. Any suggestions?

  6. too few info. is it standalone or just security GW? does it have DLP and/or IA enabled?

    what kind of traffic is being affected? HTTP/HTTPS to internal servers with PAT to FW address? or jsut any traffic?