we have a network manager inside and a ris server outside of an asa

5510 firewall running  ios version asa823-k8.bin

We have a rule on both the inside and outside interfaces allowing tftp through.

When tftp is initiated from the Netmager on hte inside the firewall allows out to the RIS server on destination port 69 and a ramdon source port.

The return traffic goes back to the Netmanager the destination port is the random source port that the NEtman Used and the Firewall blocks the traffic.

If I allow all UDP in its works fine.

shouldn't the firewall open up the ports to allow the traffic back in?

Am I missing something/