My problem is the following: I have an old Check Point rule that has "echo-request" and tcp-2463, which is some port used by an unknown application. I want to configure the same rule in PAN, but to do that without adding anything to the application database, I will need to create two rules, one for TCP-2463 (service) and one for PING (application). I want to have just one rule where I can put PING and TCP-2463 together. I was thinking of creating an application where I will specify the port tcp/2463 in the advanced tab. In my rule I will put this recently created application and ping in the app field, and use "application-default" in the service field. My question is, if I do that, should I expect to have problems with the traffic, especially the traffic that uses TCP-2463? I made it work for Unix traceroute (udp/33434-33534), but I wonder if any other unknown application will have problems if I try. I have hundreds of rules like this, and I want to economize on rules.