Why does the GlobalProtect Portal show a successful connection on port 80 via telnet?

Created On 04/06/21 19:37 PM - Last Modified 01/30/26 20:40 PM


Question


  • Why does the GlobalProtect Portal show a successful connection on port 80?
    Example:

    Online Telnet Test

    Some online vulnerability scanners detect port 80 as open on the firewall and may report it as a potential gateway for a man-in-the-middle (MITM) attack.


Environment


PAN-OS 8.0 and above

Answer


  • This is due to the redirection support feature, under which the firewall always redirects HTTP traffic to HTTPS.
  • The HSTS header enforces the use of HTTPS at all times, even though the connection to port 80 shows as successful.
  • Alternatively, you can implement a security policy to block/deny TCP port 80/service-http by creating the policy with a service object that defines TCP port 80 (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEhCAK)
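
To triage such a scanner finding, the added example below (not Palo Alto Networks code) classifies the response heads seen on port 80 and on HTTPS as redirect-only with HSTS, redirect-only without HSTS, or no HTTPS redirect. The hostname, status codes and header values in the samples are constructed assumptions, not captured firewall output.

```python
# Added example: sample responses below are constructed, not captured from a firewall.
from email.parser import Parser

REDIRECT_CODES = {301, 302, 303, 307, 308}

def parse_response_head(raw: str):
    """Split a raw HTTP response head into (status_code, headers)."""
    head = raw.split("\r\n\r\n", 1)[0]
    status_line, _, header_block = head.partition("\r\n")
    parts = status_line.split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError(f"not an HTTP status line: {status_line!r}")
    headers = Parser().parsestr(header_block, headersonly=True)
    return int(parts[1]), headers

def hsts_max_age(headers):
    """Return max-age from Strict-Transport-Security, or None if absent/invalid."""
    value = headers.get("Strict-Transport-Security")
    if value is None:
        return None
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        if name.strip().lower() == "max-age":
            arg = arg.strip().strip('"')
            return int(arg) if arg.isdigit() else None
    return None

def triage_port80(http_raw: str, https_raw: str) -> str:
    """Classify an 'open port 80' finding from the two response heads."""
    status, headers = parse_response_head(http_raw)
    location = headers.get("Location", "")
    if status not in REDIRECT_CODES or not location.lower().startswith("https://"):
        return "no-https-redirect"
    _, tls_headers = parse_response_head(https_raw)
    max_age = hsts_max_age(tls_headers)
    if not max_age:  # header missing, or max-age=0 (which clears the policy)
        return "redirect-only-no-hsts"
    return "redirect-only-with-hsts"

# Constructed samples (hostname, status codes and max-age are assumptions).
SAMPLE_HTTP = "HTTP/1.1 302 Found\r\nLocation: https://portal.example.com/\r\nContent-Length: 0\r\n\r\n"
SAMPLE_HTTPS = "HTTP/1.1 200 OK\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Type: text/html\r\n\r\n"

if __name__ == "__main__":
    print(triage_port80(SAMPLE_HTTP, SAMPLE_HTTPS))
```

A result of `no-https-redirect` or `redirect-only-no-hsts` means the behaviour described above is not what the scanner observed and the finding deserves a closer look.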




Additional Information


Does the PAN provide options for HTTP to HTTPS Redirect on Globalprotect Portal?

How to Configure GlobalProtect Portal Page to be Accessed on any Port

HSTS Additional info
 


