For self/floating IPs there's a "port lockdown" option that can be set to "allow none" ("Specifies that this self IP accepts no traffic. If you are using this self IP as the local endpoint for WAN optimization, select this option to avoid potential port conflicts.") in order to secure it. I don't see a similar option for SNAT pool addresses, however. How would I go about doing that other than block such addresses on the border firewall?
Solved! Go to Solution.