Hi Amaresh, there are 2 ways you can do this: 1. Create a NAT policy that doesn't filter for inbound port so that you can account for both RDP (3389) and 443 coming into the same host. Then rely on your security policy to allow only the applications/ports you wish. 2. Create 2 separate NAT policies, one that filters specifically for port 3389 and one that filters for 443. I've provided an example below of #1 You will also need a corresponding Security Policy with the source zone of Untrust and the Destination zone of Trust, for the appropriate applictions that you want to allow access to. The Destination IP would be 10.0.1.4 in this case. You can leave the destionation IP set to any if you prefer to see the destination IP show up in the traffic log, and adjust the Security Policy after the fact.
... View more