Jump to content


Photo

Destination NAT close ports 80 and 443 allow other TCP ports

TCP DNAT Services Destination NAT 80 443 NG Firewall Forwarding Rules

  • Please log in to reply
2 replies to this topic

#1 Jonathan Klein

Jonathan Klein
  • Members
  • 33 posts

Posted 13 August 2015 - 02:47 PM

I received a request from a customer to close TCP ports 80 and 443 on the Destination NAT but allow other TCP ports. How would I disallow TCP ports 80 and 443 on the DNAT but allow all other TCP ports?



#2 Alexander Heiss

Alexander Heiss
  • Members
  • 55 posts
  • LocationInnsbruck - Austria

Posted 14 August 2015 - 02:07 AM

I think you have 2 possibilities.

 

*) You can make a Service Object "All-Without-HTTP-S" with the Ports "1-79 81-442 444-65535"

*) Or you make a Rule with all All Ports to the Desination NAT Host and one Block Rule above with 80 & 443 to the same Target. So all 80&443 Sessions will be blocked, bevor the can reach the Allow All Rule.



#3 Jonathan Klein

Jonathan Klein
  • Members
  • 33 posts

Posted 20 August 2015 - 04:50 PM

I used the first possibility thank you.