02-24-2016 03:50 AM
It's perfectly possible I'm being unusually dumb here, but I can't see an elegant way of allowing application usage on non-standard ports - for example ssh on tcp/32777. The obvious way of doing it is to allow a rule that allows appid:ssh on service:ssh-ports (being a service group consisting of tcp/22 and tcp/32777).
That works fine, but is rather clumsy when you have a rule that has thousands of applications with service set to "application default" (you end up with dozens of rules to cope with all the non-standard ports).
I looked to see if you can change the 'application-default' for an application to add custom port numbers.
I've tried creating a custom application which is tcp/32777 and a parent application of 'ssh'. Doesn't seem to work.
Am I missing something obvious? Or am I not trying hard enough with the custom application rule?
02-24-2016 04:05 AM
Hi Mike,
I think the best thing to do in this situation, if you want to allow non-standard ports, is to create separate rules for them so you allow SSH & service tcp 32777. You can apply content-ID & user-ID to make sure the traffic isn't dodgy (as long as decryption is enabled for SSH) and lock down the users so that only the required people can use this port for SSH.
Hope this helps!
Ben
02-24-2016 07:14 AM
> I agree with bmorris1 and I don't think you will be able to add the custom app as a part of application-default group.
02-24-2016 08:02 AM
Thanks.
That's pretty much the solution I've used. I just wanted to know if I was missing something obvious.