Fallout1984
Sep 16, 2021Cirrocumulus
Solved
"Port lockdown" option for SNAT pool addresses?
For self/floating IPs there's a "port lockdown" option that can be set to "allow none" ("Specifies that this self IP accepts no traffic. If you are using this self IP as the local endpoint for WAN optimization, select this option to avoid potential port conflicts.") in order to secure it. I don't see a similar option for SNAT pool addresses, however. How would I go about doing that other than block such addresses on the border firewall?
Thanks!
Hi Fallout1984,
You can also use Packet filter to filter traffic going to these SNAT pool addresses : Configuring Packet Filtering
Regards