05-15-2013 11:41 AM
I'm having a discussion with my firewall engineer about rules in the PA5020. If I define an application to be used, say SSL, and I want to run that on a random port, say 8443. When I define that port (service) 8443 and choose the Application 'ssl', does that rule say that I can run SSL over port 8443 OR does that rule say I can run any application over 8443?
It seems to me that it would be I can run SSL over 8443 and ONLY SSL. If it was mutually exclusive, wouldn't PA just grey out the application selection when a custom port was chosen?
Thanks for clearing up this disagreement. 🙂
05-15-2013 01:41 PM
cgolden07 wrote:
I'm having a discussion with my firewall engineer about rules in the PA5020. If I define an application to be used, say SSL, and I want to run that on a random port, say 8443. When I define that port (service) 8443 and choose the Application 'ssl', does that rule say that I can run SSL over port 8443 OR does that rule say I can run any application over 8443?
The above quote has been my experience with PA... when you define a specific App-ID and a specific port, that means that App-ID can only run on that specific port instead of "application default".
05-15-2013 04:50 PM
Application and service ports have an 'AND' operation - in your case, traffic which is ssl over port 8443 (only) will be allowed.
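The AND matching described in the replies above, as an added example that is not part of the original thread and not Palo Alto Networks code: a simplified Python model of how a rule's application and service fields combine. The rule names, the sample sessions, the default-port table and the deny-on-no-match fallback are assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed default ports, used only to model the "application-default" service.
APP_DEFAULT_PORTS = {"ssl": {("tcp", 443)}, "ssh": {("tcp", 22)}}

@dataclass
class Rule:
    name: str
    applications: set  # App-ID names, or {"any"}
    services: set      # {("tcp", 8443)}, {"any"} or {"application-default"}
    action: str

@dataclass
class Session:
    app: str    # application identified for the session
    proto: str
    port: int

def rule_matches(rule, s):
    """A rule matches only if BOTH the application and the service match."""
    app_ok = "any" in rule.applications or s.app in rule.applications
    if "any" in rule.services:
        svc_ok = True
    elif "application-default" in rule.services:
        svc_ok = (s.proto, s.port) in APP_DEFAULT_PORTS.get(s.app, set())
    else:
        svc_ok = (s.proto, s.port) in rule.services
    return app_ok and svc_ok

def evaluate(rulebase, s):
    """First matching rule wins; no match falls through to an assumed deny."""
    for rule in rulebase:
        if rule_matches(rule, s):
            return rule.action, rule.name
    return "deny", "no-rule-matched"

# Constructed rulebase: the rule from the question plus an application-default rule.
RULEBASE = [
    Rule("allow-ssl-8443", {"ssl"}, {("tcp", 8443)}, "allow"),
    Rule("allow-ssh-default", {"ssh"}, {"application-default"}, "allow"),
]

# For contrast: application "any" on the same port accepts whatever runs on 8443.
PORT_ONLY = Rule("port-only-8443", {"any"}, {("tcp", 8443)}, "allow")

if __name__ == "__main__":
    for s in (Session("ssl", "tcp", 8443), Session("ssh", "tcp", 8443),
              Session("ssl", "tcp", 443), Session("ssh", "tcp", 22)):
        print(s, evaluate(RULEBASE, s))
```

Only the rule with application set to any behaves as "any application over 8443"; the rule from the question rejects both ssh on 8443 and ssl on 443.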