Any changes your firewall makes to the port numbers or IP
addresses in packets received from its external interface should be
undone or reversed when the packets are transmitted back out the
external interface.

The only exception to this that I know about is the tftp protocol.
The client makes the initial connection to port 69 and the tftp server
will change this to a high port number over 1024. The rest of the
packets will use this new high port number.

Firewalls will change the source port number when they are
mapping all your internal machines onto one external (Internet) IP
address.

You don't say what protocol or firewall you are using.

On 3 Nov 00, at 8:02, John Steniger wrote:
> I'm involved in a project with a partner company, and we are attempting to
> use a router to hook up communications between our sites. The long and
> short of it is that our external firewall alias will direct packets to their
> router that they mailed us and we hooked up on our external network, and
> that router should then direct those packets to their site.
>
> The problem we are seeing is that the packets are dying at their router.
> They claim this is because as they go through our firewall to the internal
> machine, the internal machine responds out the firewall, but the source port
> of the packets is changed coming out of the firewall. I had assumed this
> was default on all firewalls (that the source ports on outgoing packets are
> changed).
>
> I guess that's my basic question: am I nuts, or is it correct behavior on
> the part of my firewall to change the source packets coming out?
>
> Thanks,
> John
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
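The reversal described in the reply above, as an added example that is not part of the original thread: a toy translation table in Python showing why the remote router matches a reply whose inbound rewrite was undone and rejects one that leaves with a fresh source port. The class, function names, addresses and ports are all constructed for illustration and do not model any particular firewall product.

```python
# Added illustration: a toy firewall translation table (all addresses constructed).
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

class Firewall:
    def __init__(self, alias_ip, internal_ip):
        self.alias_ip = alias_ip          # external alias the partner sends to
        self.internal_ip = internal_ip    # internal machine behind the alias
        self.state = {}                   # (peer, peer_port, local_port) -> original dst

    def inbound(self, pkt):
        """External -> internal: rewrite the destination and remember the change."""
        if pkt.dst != self.alias_ip:
            return None                   # not addressed to the alias: drop
        self.state[(pkt.src, pkt.sport, pkt.dport)] = (pkt.dst, pkt.dport)
        return pkt._replace(dst=self.internal_ip)

    def outbound(self, pkt, masquerade_port=None):
        """Internal -> external: undo the inbound change on the reply."""
        orig = self.state.get((pkt.dst, pkt.dport, pkt.sport))
        if orig is None:
            return None                   # no matching state: drop
        src, sport = orig
        if masquerade_port is not None:   # misbehaviour: reply gets a fresh source port
            sport = masquerade_port
        return pkt._replace(src=src, sport=sport)

def peer_accepts(request, reply):
    """The remote end matches a reply only if it mirrors the request's 4-tuple."""
    return (reply.src, reply.sport, reply.dst, reply.dport) == (
        request.dst, request.dport, request.src, request.sport)

def demo():
    fw = Firewall(alias_ip="203.0.113.10", internal_ip="10.0.0.5")
    request = Packet("198.51.100.7", 40000, "203.0.113.10", 8080)
    inside = fw.inbound(request)          # destination rewritten to 10.0.0.5
    answer = Packet(inside.dst, inside.dport, inside.src, inside.sport)
    good = fw.outbound(answer)            # inbound rewrite reversed
    bad = fw.outbound(answer, masquerade_port=61001)  # source port changed instead
    return peer_accepts(request, good), peer_accepts(request, bad)
```

When diagnosing a case like the one in this thread, comparing a capture on the external side against this expectation (reply source equals the alias address and the port the peer originally contacted) shows quickly whether the firewall is reversing its own translation.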