Jump to content


Photo

Destination NAT close ports 80 and 443 allow other TCP ports

TCP DNAT Services Destination NAT 80 443 NG Firewall Forwarding Rules

This topic has been archived. This means that you cannot reply to this topic.
2 replies to this topic

#1 Jonathan Klein

Jonathan Klein
  • Members
  • 34 posts

Posted 13 August 2015 - 02:47 PM

I received a request from a customer to close TCP ports 80 and 443 on the Destination NAT but allow other TCP ports. How would I disallow TCP ports 80 and 443 on the DNAT but allow all other TCP ports?



#2 Alexander Heiss

Alexander Heiss
  • Members
  • 61 posts

Posted 14 August 2015 - 02:07 AM

I think you have 2 possibilities.

 

*) You can make a Service Object "All-Without-HTTP-S" with the Ports "1-79 81-442 444-65535"

*) Or you make a Rule with all All Ports to the Desination NAT Host and one Block Rule above with 80 & 443 to the same Target. So all 80&443 Sessions will be blocked, bevor the can reach the Allow All Rule.



#3 Jonathan Klein

Jonathan Klein
  • Members
  • 34 posts

Posted 20 August 2015 - 04:50 PM

I used the first possibility thank you.