SAML on a different port
Hi there,
I have an issue while implementing SAML on our Check Point firewall. Due to different usages on our NAT of different IP addresses for different services, I can't use the standard 443 for SAML.
Our on-premise MFA server is already configured to listen on 1443 instead.
NAT is also configured so I can reach the MFA server through mfaweb.com:1443,
but I don't know how to configure the SAML Portal on the Check Point side. I can't edit the port in the SAML settings.
Because another service is already listening on the external IP:443, I also can't translate source and destination ports through our NAT, because the NAT wouldn't know if it's the service or the SAML.
Is there any way to reconfigure the port that's used for the SAML Portal?
Or a way to tweak the NAT?
Thanks in advance
Florian
Hey Florian,
The only place I know is the SAML portal on the gateway properties in SmartConsole. Would definitely confirm with TAC on this.
Andy
Thanks the_rock for your reply.
Unfortunately you aren't allowed to change the used port here.
Let me test it in R82.
Andy
You are 100% right, it complains the port can't be changed :-(
Can you send a screenshot of how you tried NAT? Just blur out any sensitive data.
Andy
The MFA rule will be the new one for SAML.
The RAIDA rule is old but gold, we need it on 443.
So I need a way to connect through a different port for SAML.
