Http traffic to https

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Http traffic to https

L0 Member

Hi Guys 
Can we redirect someone trying to access to ( port 80 to 443 ) ?

If we are using Dest NAT for ? 



L3 Networker

Quick answer: bad idea.

Long answer 1: it would probably confuse the browser, unlike an "HTTPS-only like" browser extension, which would do the same thing (in a non-centralized fashion, of course) while keeping the browser aware of the redirection

Long answer 2: a PAN firewall seems to be able to "express" that kind of DNAT rule, should you want to try

Possible solution:
- hijack the DNS domain and point it to an IP of yours (PAN dns-proxy should be able to do that with a static entry, in case you're using it)
- set up a "dummy" http-only web server with an HTTP/301 catch-all page that points to the https server (bonus point: implement a rewrite that keeps the URL)
- DNAT on firewall so that https to YOUR dummy web server is DNAT'ed to the original one

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!