I received a request from a customer to close TCP ports 80 and 443 on the Destination NAT but allow other TCP ports. How would I disallow TCP ports 80 and 443 on the DNAT but allow all other TCP ports?
Destination NAT close ports 80 and 443 allow other TCP ports
TCP DNAT Services Destination NAT 80 443 NG Firewall Forwarding Rules
Posted 14 August 2015 - 02:07 AM
I think you have 2 possibilities.
*) You can make a Service Object "All-Without-HTTP-S" with the Ports "1-79 81-442 444-65535".
*) Or you make a Rule with All Ports to the Destination NAT Host and one Block Rule above with 80 & 443 to the same Target. So all 80 & 443 Sessions will be blocked before they can reach the Allow All Rule.
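
The two options from the reply above, checked against each other across every TCP port. This is an added example, not part of the original post and not Barracuda NG Firewall syntax; the function names, the rule tuples and the implicit default of "block" are assumptions made for illustration.

```python
# Added example: models top-down, first-match rule evaluation (assumed from the
# reply's "Block Rule above" wording). Not vendor syntax.

def complement_ranges(blocked, lo=1, hi=65535):
    """Return inclusive port ranges covering [lo, hi] minus the blocked ports."""
    ranges, start = [], lo
    for port in sorted(set(blocked)):
        if not lo <= port <= hi:
            raise ValueError(f"port out of range: {port}")
        if port > start:
            ranges.append((start, port - 1))
        start = port + 1
    if start <= hi:
        ranges.append((start, hi))
    return ranges

def format_ranges(ranges):
    """Render ranges the way the service object in the reply lists them."""
    return " ".join(str(a) if a == b else f"{a}-{b}" for a, b in ranges)

def first_match(rules, port, default="block"):
    """Return the action of the first rule whose ranges contain the port."""
    for action, ranges in rules:
        if any(a <= port <= b for a, b in ranges):
            return action
    return default  # assumed implicit deny when no rule matches

def differing_ports(rules_a, rules_b):
    """List every TCP port on which two rule sets reach different decisions."""
    return [p for p in range(1, 65536)
            if first_match(rules_a, p) != first_match(rules_b, p)]

BLOCKED = [80, 443]
# Option 1: a single allow rule using the "All-Without-HTTP-S" service object.
OPTION_1 = [("allow", complement_ranges(BLOCKED))]
# Option 2: block rule for 80 and 443 placed above an allow-all rule.
OPTION_2 = [("block", [(80, 80), (443, 443)]), ("allow", [(1, 65535)])]
# Same two rules in the wrong order: the allow-all rule shadows the block rule.
MISORDERED = list(reversed(OPTION_2))

if __name__ == "__main__":
    print("service object ports:", format_ranges(complement_ranges(BLOCKED)))
    print("option 1 vs option 2:", differing_ports(OPTION_1, OPTION_2))
    print("option 1 vs misordered:", differing_ports(OPTION_1, MISORDERED))
```

With the block rule below the allow-all rule, ports 80 and 443 are the only ones that differ from the intended policy, which is the failure the rule ordering in the second option prevents.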