I am using a 320 with two ISP and several static IP addresses using firmware 5.3.12. I am using 1 to 1 NAT to map public IP addresses to private IP addresses, which is working fine. However, the firewall rules are leaving ports open even when they are denied. Here is an example:
NAT Config: Outside/Inside
Firewall Config: source/port destination/port
any/any 192.168.1.100/25 (allow)
any/any 192.168.1.100/110 (allow)
any/any any/any (deny)
When you run a port scanner from the outside on IP 188.8.131.52, ports 21, 389, 445 also show as open. I thought I only have 25 and 110 open, so why is there a response on the other ports.
What am I missing…