Opening a port in Juniper SSG
Posted on 2009-04-26
I'm trying to open a port on my firewall so that users from outside the network can use the service of one particular server (say 126.96.36.199, port 60000).
How would I go about doing this?
I've set up a custom service in policy elements and also added a VIP entry on the interface page. My entry on the services looks like this:
TCP Source 0-65535 Destination 60000-60000
UDP Source 0-65535 Destination 60000-60000
Which doesn't work, and anyhow doesn't make any sense. Why do I need to set Source as 0-65535 (this was recommended by my network guy) instead of just 60000-60000?
Additionally, I've also tried:
TCP Source 60000-60000 Destination 60000-60000
Which I think is more secure because I don't understand why we need to open all ports when we only need 1 port. But this also didn't work.
I don't understand why I need to open both TCP and UDP? (On that note, how do I know which one to open? The software only asks to open port 60000, it didn't say TCP or UDP.)
And how would I go about opening this port?
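
The two service entries from the post, evaluated against a client connection, as an added example that is not part of the original post. The `Service` class is a hypothetical, simplified model of source/destination port matching (not ScreenOS code), the sample flow is constructed, and the loopback listener uses an OS-assigned port in place of 60000.

```python
import socket
from dataclasses import dataclass

@dataclass(frozen=True)
class Service:
    """Simplified model of one custom-service entry (hypothetical, not ScreenOS code)."""
    proto: str
    src: tuple  # (low, high) source-port range
    dst: tuple  # (low, high) destination-port range

    def matches(self, proto, sport, dport):
        return (proto == self.proto
                and self.src[0] <= sport <= self.src[1]
                and self.dst[0] <= dport <= self.dst[1])

# The two TCP entries quoted in the post
WIDE = Service("tcp", (0, 65535), (60000, 60000))
NARROW = Service("tcp", (60000, 60000), (60000, 60000))

def observe_client_flow():
    """Connect to a loopback listener and return (source_port, destination_port)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("127.0.0.1", 0))   # OS-assigned port stands in for 60000
        srv.listen(1)
        dport = srv.getsockname()[1]
        with socket.create_connection(("127.0.0.1", dport), timeout=5) as cli:
            sport = cli.getsockname()[1]   # chosen by the client's OS, not by the service
            conn, _ = srv.accept()
            conn.close()
    return sport, dport

# Constructed sample flow: client on ephemeral port 51514 -> server port 60000
SAMPLE = ("tcp", 51514, 60000)

def evaluate(flow=SAMPLE):
    """Report which of the two service entries the flow matches."""
    return {"wide": WIDE.matches(*flow), "narrow": NARROW.matches(*flow)}

if __name__ == "__main__":
    sport, dport = observe_client_flow()
    print(f"client chose source port {sport} to reach destination port {dport}")
    print(evaluate())
```

The source range describes the client's side of the connection, which the client's operating system picks per connection; the destination range is what limits exposure, and both entries keep it at 60000 only.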