Cisco FTD FDM Access Control function

S3C
Level 1

Hello!

Imagine I have 1 client and 1 server

I create a rule that allows the client to talk to the DC on certain ports like dns, kerberos, ldap, time, rpc (135).

Looks like this:

client - ports = any -> DC - ports = dns, kerberos, ldap, time, rpc, etc

Since the client is initiating the contact to the DC, I'm thinking the DC will also reply within the same session.

Or do I need to create an additional rule for a reply?

DC - ports = any -> client - ports = dns, kerberos, ldap, time, rpc, etc

Please correct me if I'm wrong.

Thanks a lot!

Accepted Solutions

Francesco Molino
VIP Alumni

Hi

If the user starts the session and your rule allows this communication, there’s no need to create the reverse rule.

Your description is correct.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
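
The behaviour described in this answer, as an added example that is not part of the original thread and is not Cisco FTD code: a simplified model of a stateful firewall with the single client-to-DC rule from the question. The addresses, port numbers and the `StatefulFirewall` class are constructed for illustration.

```python
"""Simplified model of stateful inspection: one-way rule, replies via connection table."""
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

# Constructed documentation addresses standing in for the client and the DC.
CLIENT, DC = "192.0.2.10", "198.51.100.5"
# The one rule from the question: client, any source port -> DC, listed ports.
DC_PORTS = {53, 88, 123, 135, 389}  # dns, kerberos, time, rpc, ldap
RULES = [(CLIENT, DC, DC_PORTS)]

class StatefulFirewall:
    def __init__(self, rules):
        self.rules = rules
        self.connections = set()  # flows opened by a rule-permitted first packet

    def _rule_allows(self, p):
        return any(p.src == s and p.dst == d and p.dport in ports
                   for s, d, ports in self.rules)

    def handle(self, p):
        if p in self.connections:
            return "allow: existing connection"
        # A reply carries the initiator's tuple with source and destination swapped.
        reverse = Packet(p.dst, p.dport, p.src, p.sport, p.proto)
        if reverse in self.connections:
            return "allow: return traffic"
        # Only a packet that opens a new flow is evaluated against the rules.
        if self._rule_allows(p):
            self.connections.add(p)
            return "allow: rule match, connection created"
        return "deny: no rule and no connection"

def demo():
    fw = StatefulFirewall(RULES)
    return [
        fw.handle(Packet(CLIENT, 50000, DC, 389)),  # client opens LDAP session
        fw.handle(Packet(DC, 389, CLIENT, 50000)),  # DC reply in that session
        fw.handle(Packet(DC, 40000, CLIENT, 445)),  # DC initiates a new flow
        fw.handle(Packet(DC, 389, CLIENT, 50001)),  # "reply" with no session
    ]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The third and fourth packets are denied because the DC's traffic is accepted only when it matches a connection the client already opened, which is why no reverse rule is needed and none is implied.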
