Configure a policy for DMZ accessing Trust

This article shows how to create a service object that defines a specific port (5723 in our example) and use that service in a security policy on a Palo Alto firewall so that a server in the DMZ zone can access a server in the Trust zone.

Step 1: Configure the service ports

1. Log in to the PA firewall and go to Objects > Services.

2. Click Add at the bottom left.

3. Enter the Name, Protocol and Destination Port.

4. Click OK to save the settings.

Step 2: Create a policy and add the services to the policy

1. Go to Policies > Security.

2. Click Add. Note: you can also Clone a current policy.

3. In General, enter the Name, select Rule Type and Tag.

4. In Source, select DMZ as Source Zone and add source address.

5. In Destination, add Trust to Destination Zone and add the destination address.

6. In Service/URL Category, add the service ports you configured earlier by clicking Add and then OK to save the settings.

Step 3: Commit.
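
A check that can be run against an exported configuration after the commit, as an added example that is not part of the original article: it lists the allow rules from DMZ to Trust and flags any whose source, destination or service is "any", or that does not carry port 5723. The XML fragment, the rule and service names, the addresses and the TCP protocol are constructed assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like the <vsys> part of an exported PAN-OS config.
# Rule names, service name and addresses are made up; TCP is an assumption.
SAMPLE = """<vsys><entry name="vsys1">
 <service><entry name="svc-5723">
  <protocol><tcp><port>5723</port></tcp></protocol></entry></service>
 <rulebase><security><rules>
  <entry name="DMZ-to-Trust-5723">
   <from><member>DMZ</member></from><to><member>Trust</member></to>
   <source><member>192.0.2.10</member></source>
   <destination><member>10.0.0.20</member></destination>
   <service><member>svc-5723</member></service><action>allow</action>
  </entry>
  <entry name="DMZ-to-Trust-cloned">
   <from><member>DMZ</member></from><to><member>Trust</member></to>
   <source><member>any</member></source>
   <destination><member>10.0.0.20</member></destination>
   <service><member>any</member></service><action>allow</action>
  </entry>
 </rules></security></rulebase>
</entry></vsys>"""

def members(rule, tag):
    """Return the <member> values under one field of a rule."""
    return [m.text for m in rule.findall(f"{tag}/member")]

def audit(xml_text, src_zone="DMZ", dst_zone="Trust", port="5723"):
    """Map each allow rule from src_zone to dst_zone to a list of findings."""
    root = ET.fromstring(xml_text)
    # Service object name -> destination port string (TCP or UDP).
    ports = {s.get("name"): s.findtext("protocol/tcp/port")
             or s.findtext("protocol/udp/port")
             for s in root.findall("entry/service/entry")}
    report = {}
    for rule in root.findall("entry/rulebase/security/rules/entry"):
        if (src_zone not in members(rule, "from")
                or dst_zone not in members(rule, "to")
                or rule.findtext("action") != "allow"):
            continue
        findings = [f"{field} is any"
                    for field in ("source", "destination", "service")
                    if "any" in members(rule, field)]
        svc_ports = [ports.get(name) for name in members(rule, "service")]
        if port not in svc_ports and "any" not in members(rule, "service"):
            findings.append(f"port {port} not in rule services")
        report[rule.get("name")] = findings
    return report

if __name__ == "__main__":
    print(audit(SAMPLE))
```

An empty findings list means the rule is limited to specific addresses and to the configured service; a cloned rule that still has "any" in a field is reported by name.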

Published by

Bob Lin

Bob Lin, Chicagotech-MVP, MCSE & CNE. Data recovery, Windows OS Recovery, Networking, and Computer Troubleshooting on http://www.ChicagoTech.net. How to Install and Configure Windows, VMware, Virtualization and Cisco on http://www.HowToNetworking.com.