Hi,
Using Xg v18, how would you allow an external company access to scan your public facing ip address with nmap for compliance reasons?
We have a list of specific ips we need to allow access and have tried creating dnat and firewall rules but the traffic always gets dropped by rule 0
This used to work in v17 but with v18 we cannot find a way.
Any help would be greatly appreciated
Thank you
So using local acl exception does allow access to scan the few services that are available to add in the acl excpetion rule which is good. (HTTPS, VPN, SSL etc..)
However i guess my question is, is there a way to allow an external ip access to scan every port unfiltered on the xg without being denied like this packet capture shows?
So basically what we would like is for the source ip to have full access to everything unfiltered on the destination ip.
Is such a thing even possible?
