sprasanta
Staff
Article Id 196064

Description 

 

This article describes the warning 'Port conflicts with the administrative HTTPS port for this system', which appears in the GUI during the initial SSL VPN configuration.

This occurs because FortiOS uses port 443 by default for both SSL VPN and the web GUI, so the administrator is prompted to choose a different port to prevent the conflict.

By default, when the administrative HTTPS port and SSL VPN port are the same, admin GUI connections are blocked on the SSL VPN-enabled interface.

 

config vpn ssl settings
    set port-precedence {enable | disable}
end

 

Enable (the default value) means that if SSL VPN connections are allowed on an interface, admin GUI connections are blocked on that interface.

 

Scope

 

FortiGate.

Solution

 

Administrators can either change the SSL VPN port to a custom port (for example, 10443 or 4443) or change the administrative HTTPS port for GUI access to a custom port.

From the GUI:

Navigate to VPN -> 'SSL-VPN Settings'.

 

 


 
To change the port from the CLI:
 
config vpn ssl settings
    set port 4443
end

Note that changing the SSL VPN listening port to a custom port (e.g., 10443) other than the FortiGate administrative HTTPS port (443) does not resolve the GUI warning for 'Redirect HTTP to SSL-VPN', as shown in the following screenshot:

1.jpg

 

It is necessary to modify the administrative HTTP port (default: 80) to another custom port (e.g., 8080) to address this warning altogether (attachment below).

2.jpg
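The two conflicts described above can also be checked offline against a configuration backup. The following is an added example, not code from the original article or from Fortinet: the function names are hypothetical, the sample configuration is constructed, and the keys admin-sport, admin-port and https-redirect are FortiOS CLI setting names not shown on this page (the https-redirect default of disable is an assumption).

```python
# Added example. Defaults follow the article; the https-redirect default is assumed.
DEFAULTS = {
    "system global": {"admin-sport": "443", "admin-port": "80"},
    "vpn ssl settings": {"port": "443", "port-precedence": "enable",
                         "https-redirect": "disable"},
}

def parse_sections(text):
    """Return top-level 'set' values for the sections named in DEFAULTS."""
    found = {name: dict(vals) for name, vals in DEFAULTS.items()}
    stack = []  # currently open 'config' / 'edit' blocks
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            stack.append(line[len("config "):])
        elif line.startswith("edit "):
            stack.append("edit")
        elif line in ("end", "next") and stack:
            stack.pop()
        elif line.startswith("set ") and len(stack) == 1 and stack[0] in found:
            parts = line.split(None, 2)
            if len(parts) == 3:  # skip malformed lines; nested blocks never reach here
                found[stack[0]][parts[1]] = parts[2].strip('"')
    return found

def find_port_conflicts(text):
    """List the port conflicts the article describes for a config backup."""
    cfg = parse_sections(text)
    glob, vpn = cfg["system global"], cfg["vpn ssl settings"]
    findings = []
    if vpn["port"] == glob["admin-sport"]:
        msg = f"SSL VPN port {vpn['port']} equals the administrative HTTPS port"
        if vpn["port-precedence"] == "enable":
            msg += "; admin GUI is blocked on SSL VPN-enabled interfaces"
        findings.append(msg)
    if vpn["https-redirect"] == "enable" and glob["admin-port"] == "80":
        findings.append("Redirect HTTP to SSL-VPN is enabled while the "
                        "administrative HTTP port is still 80")
    return findings

# Constructed sample backup: SSL VPN moved to 10443, admin HTTP port left at 80.
SAMPLE = """config system global
    set admin-sport 443
end
config vpn ssl settings
    set port 10443
    set https-redirect enable
end
"""

print(find_port_conflicts(SAMPLE))
```

An empty list means neither conflict is present in the backup.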

 

Related article:

To change the admin GUI port: Technical Tip: How to change the port for the admin access to avoid port conflict