1 Reply Latest reply: Sep 9, 2013 8:55 AM by mtuma RSS




      We are in the process to replace 2 checkpoint boxes with a customer, so we're in the process to migrate its security policy.


      They have like a custom/application service named fina, which cointains ports 8091 and port 9091, but it is one solely service, it is not a group. The checkpoint admin says that this application works for ports 8091 OR port 9091. This service is used in other several different rules. This application is NOT a group, it is an application which contains both ports,


      The config is looks like:

      Service name: fina

      Port Type: TCP

      Ports: 8091, 9091


      The CheckPoint admin says that this particular service could be use to allow/deny any traffic on port 8091 OR 9091. Obviously It is not a range port.


      So, in MFE, is it possible to create a custom application like this?  Does MFE support this while creating an custom application insert 8091, 9091 and means the same? Or Do I need to create 2 different custom application for port 8091 and another one for port 9091?. If I create it, it means the same?



        • 1. Re: Application/Ports.



          Yes, creating an application on ports 8091 and 9091 is an option. You simply need to specify "8091, 9091" (no quotes) in the TCP Ports field. I just tried it to make sure there were no problems.