How can I block ports from outside and allow it for internal communications?

Hello Guys,

One of our vulnerability scanners gave the following ports as vulnerable, so we want those ports to be blocked from outside and to be allowed from the inside for inside communications.

These are the ports:

264/tcp - fw1_generic
500/udp - ikev1
18231/tcp
18264/tcp - cp_ica

How can I do this?

Thanks

1 Solution

Accepted Solutions
Admin

Re: How can I block ports from outside and allow it for internal communications?

Some of these are covered by implied rules.

To confirm this, go to Global Properties, click the appropriate checkbox, and install policy.

You will see log entries on Rule 0.

In which case you will have to work to disable the implied rules, but this is NOT recommended.

Refer to: How to completely disable FireWall Implied Rules 

4 Replies

Re: How can I block ports from outside and allow it for internal communications?

I feel like I might be missing something with your question, but I think there are several ways to achieve this...

SRC: Internal Networks Group [NEGATED] | DST: Any | SVC: ports | ACT: drop

--or--

SRC: Internal Networks Group | DST: Any | SVC: ports | ACT: allow 

      * I'd have several more specific rules of the above rule with explicit destinations...

SRC: Any | DST: Any | SVC: ports | ACT: drop

--or--

Other combinations...
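
An added example, not part of any post in this thread: a first-match model of the two rule layouts suggested above, using the ports from the question. The internal ranges, the sample addresses and the placement of an implied rule ahead of the explicit rules are assumptions of the model.

```python
import ipaddress

# Assumed internal ranges (constructed); the services are the ports from the question.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]
PORTS = {("tcp", 264), ("udp", 500), ("tcp", 18231), ("tcp", 18264)}

def is_internal(src):
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in INTERNAL)

def is_external(src):
    return not is_internal(src)  # models the [NEGATED] source cell

def anyone(src):
    return True

# Rule = (name, source predicate, services, action)
NEGATED_DROP = [("drop-not-internal", is_external, PORTS, "drop")]
ALLOW_THEN_DROP = [
    ("allow-internal", is_internal, PORTS, "accept"),
    ("drop-any", anyone, PORTS, "drop"),
]
# Assumption: an implied rule accepting these services, placed before the explicit rules.
IMPLIED_FIRST = [("implied", anyone, PORTS, "accept")]

def evaluate(rulebase, src, proto, port):
    """Return (rule name, action) of the first rule that matches, top down."""
    for name, src_ok, services, action in rulebase:
        if src_ok(src) and (proto, port) in services:
            return name, action
    return None, "no-match"  # traffic continues to the rest of the policy

if __name__ == "__main__":
    layouts = {
        "negated drop": NEGATED_DROP,
        "allow then drop": ALLOW_THEN_DROP,
        "implied first": IMPLIED_FIRST + ALLOW_THEN_DROP,
    }
    for label, rulebase in layouts.items():
        for src in ("10.1.2.3", "203.0.113.5"):  # constructed sample sources
            print(f"{label:16} {src:12} {evaluate(rulebase, src, 'tcp', 264)}")
```

In the negated-drop layout, internal traffic matches nothing in this model, so it still needs an accept rule further down the policy. With the implied rule modelled first, the explicit drop is never reached for the outside source.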

Re: How can I block ports from outside and allow it for internal communications?

Hi Brian,

Thank You for the reply.

Regards,

Shehan

0 Kudos
Re: How can I block ports from outside and allow it for internal communications?

Hi Dameon,

Thanks for the reply. I have disabled some with the implied rules.

Regards,

Shehan

0 Kudos