I like your doc and your approach. However I find your last example to be a bit misleading. You state :"
aB- Awaiting SYN from Inside and B since packet was originated from outside."
Really the aB is signifying that we are awaiting an outside ack to inside syn, and the connection was initiated from the outside. Basically 2 out of the 3 parts of the handshake has been completed, and the firewall is waiting for the last ack from the outside router to the inside host. Great paper btw..I followed it in my home lab.
Thanks for the document. It helped me do case study. Two doubts:
1) #6
SaAB- Awaiting SYN-ACK from inside -> isnt this the correct meaning of this flag?
Inbound connection i.e. connection initiated from outside, SYN sent from outside, now waiting for inside to send SYN-ACK
2) last one :
aB- Awaiting ACK from Outside -> isnt this the correct meaning of this flag?
Inbound connection i.e. connection initiated from outside, SYN sent from outside, SYN-ACK sent from inside, now waiting for outside to send ACK to finish 3-way handshake.
Also you blocked ACK on R1 router Fa0/1 ryt? So isnt it blocking ACK from R3 to R2
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
