Are you already using Port 80 with another policy or service for your NAT'ed IP address?
Are you already using Port 80 with another policy or service for your NAT'ed IP address?
Another good resource for netscreen issues is
I'm using a netscreen-25 and it seems to be the case that when I try to set up a port forward from virtual port 80 (outside) to port 8080 (inside) it won't let me:
"port number should be between 1024 and 32767, or default 1024"
.... and then it sets my port 80 to be 1024. Virtuals ports < 1024 are not allowed for some reason....
I am doing the port forwarding by using the VIP (virtual IP) feature btw.
Why should there be such a limiation? Is there any compromise possible?
alex
Are you 100% sure? Do you have it enabled as one of the service options (turned up for management), like FTP, Telnet, SSH, etc? Check Network/Interfaces/Untrusted.
No, that is the only thing that is using port 80 anywhere on the outside of the firewall. good idea though! alex
thanks muchly for that, I am going there for a good rummage about.. :) alex
If you are using a VIP using the Untrust IP, you have to change the admin port from the default of 80 to something else, regardless if you have management turned on on the untrust int or not.
Have just checked - no management interfaces are enabled on our outside interface.
Ah, thanks for that info!
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.