How to Change the Default Service TCP Port

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

How to Change the Default Service TCP Port

L1 Bithead

Greetings,

 

Is there anyway to change the default TCP port that an interface uses for HTTPS or SSH management service?  

 

For example, I am currently using the external interface to redirect port 443, via Destination NAT, service, and DST port translation,  to an internal mail server. I also want to be able to manage the firewall via the same external interface IP using HTTPS, but instead of using 443, since it is already being redirected,  I want to use port 444 instead. I know I can pretty much do the samething that I am doing right now for the email/443 connectivty, but I wanted to know if there was anyway to do this without having to do it via DST NAT translation for managing the firewall via HHTPS.

 

Alot of the other firewalls, ie ASA and Netcreen, allow this to be done via a configuration knob so I was hoping PAN now has this in 7.1 code.

 

Thanks in advance,

Jaime

 

Jaime

3 REPLIES 3

L6 Presenter

Hi Jaime,

 

Yes, it is possible. Please see below article for both HTTPS and SSH:

 

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Change-the-Default-Management-Por...

 

Thx,

Myky

Thanks for the reply. I was aware of the DST NAT with Port Translation as a viable option. So my assumption this the only way the default TCP port for HTTPS can be changed...Is there no other option avaialble?

Hi,

 

I guess it is only the way to do it. Another discussion here:

 

https://live.paloaltonetworks.com/t5/General-Topics/Default-Management-Ports-in-PAN-OS-7-1/m-p/10662...

 

Thx,

Myky

  • 6597 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!