i have a need to allow a port from a zone to every other zone except outside zone untrust. is there a way to do this with global policy and exclude untrust zone or some other way with groups etc...?
if anyone knows, please let me know..TIA
You could do this with a global policy but you would need to specify the subnets/ips that traffic is allowed to and from in an address-set.
Have a read of the following Tech Doc.