03-28-2019 10:14 AM
I need to create security rule and/or not to allow port 6965 to a device. Do I need both a NAT and security rule? Need to find out from vendor if port is TCP, UDP or both. I have PA-3020 running PAN-OS 8.0.13.
03-28-2019 10:44 AM
NAT is only necessary depending on your use case. NAT itself isn't needed to allow access to a host over a specific port. It's likely just the security rule you need.
03-28-2019 10:44 AM
NAT is only necessary depending on your use case. NAT itself isn't needed to allow access to a host over a specific port. It's likely just the security rule you need.
03-28-2019 12:53 PM
It sounds like you have an inbound service on port 6965 you want to block? You can do this on a PAN but... if you want to do it the PAN way, you need to figure out what application is actually talking. This way you can deny based on user/application and not port/protocol. Of course not all apps will be recognized. In this case you could make a special rule and use the "service" field in a policy rule to filter out port 6965.
03-28-2019 01:09 PM
i actually need to open port 6965 to ATM machine at a yet to be determined IP address. I need to find out from the vendor what app is actually talking (if there is one).
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
