We have set up an IPsec VPN connection on an XGS 116 and want it to be as restrictive as possible, only allowing RDP traffic to a single PC.
I used a port scanner on the IP address of the PC and it reported that port 25 (SMTP) was open but all others were closed. Why is this?
I tried adding a firewall rule to block port 25 over the VPN, and the connection attempts are listed as being denied in the firewall log, but the port still shows as open in the port scanners.
Thanks, it was the "Auto added firewall policy for MTA" rule that was allowing it for any source. I changed it to allow any except from VPN.
Maybe you have SMTP Relay enabled on your WAN (or other) zone in Administration > Device Access?
Edit: Sorry, it wasn't about the XG, it was about a computer. But maybe related to SMTP Relay anyway?
Have you done a packet capture for port 25 in the diagnostic section of Webadmin?
You should see the rule and NAT rule that are handling the traffic.