"Ye, Xiaodong" wrote:
> Thanks Jeffery,
>
> >In this case what is probably happening is you try to connect to port 80
> >http on that web server and the webserver replies back to your source port
> >with a redirect to 8080. Your browser then re-establishes a new connection
> >out to port 8080. This would work fine.
> What I wonder is that if the webserver redirect to 8080(diff from the
> original trying to 80),why stateful inspection firewall could let these
> kinds of traffic in after checked its state table and then to re-establishes
> a new connection?
Well redirect is usually done at HTTP level. The client receives a redirect
message and will then establish a new connection the the other server. Hence you
firewall must allow connection to that other server too from WAN.
Marc.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
