SonicVoom
asked on
create Firebox port scan exception for Spiceworks server
my firebox blocked my spiceworks server's IP because it did a port scan. How can I make an exception, or policy so the firebox won't block the SW host?
I think you need to go into the firebox config and disable the blocking. It should be in the unhandled port section I believe. There should be a checkbox for the automatically block the unhandled port access. That's what I remember, I don't have access to see the actual setting location. You can re-enable the feature/setting later.
this page has a screenshot.
It's in the unhandled packet section.
http://www.watchguard.com/help/docs/wsm/11/en-US/index_Left.html#CSHID=en-US%2Fintrusionprevention%2Funhandled_pkts_about_c.html|StartTopic=Content%2Fen-US%2Fintrusionprevention%2Funhandled_pkts_about_c.html|SkinName=WSM%20(en-US)
It's in the unhandled packet section.
http://www.watchguard.com/help/docs/wsm/11/en-US/index_Left.html#CSHID=en-US%2Fintrusionprevention%2Funhandled_pkts_about_c.html|StartTopic=Content%2Fen-US%2Fintrusionprevention%2Funhandled_pkts_about_c.html|SkinName=WSM%20(en-US)
ASKER
I'm familiar with that setting, but I'd like to limit that exception to this one, trusted host. I'll keep looking through policy settings...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I did something a little bit different than what you suggested, but that was the same track.