01-14-2020 06:21 PM - edited 02-21-2020 09:50 PM
Dear All,
I am a bit confused about TCP connection initiation between some server and client applications and how to allow the traffic in the firewall, because I am confused about the session layer.
For example: the server is listening on port 3000 for any clients.
If the client sends a request to the server, the destination port is 3000 and the src port is a random port (e.g. 2000). Which ports (destination port and src port) will the server use to reply to the client? Does the server use a random high port?
Or does the server reply to the client with destination port 2000 and a random port as its src port?
In the firewall, do I only need to allow port 3000 traffic in one direction? Do I need to open it bidirectionally?
Or do I need to allow all high ports in the firewall, like passive FTP traffic?
01-14-2020 06:54 PM
Firewalls are stateful, so in 99% of the cases you allow traffic from source to destination and you allow a certain destination port. So if you allow from source to destination on tcp/3000, then really you don't care much about the port the source would like its response back on.
Firewalls typically allow the return traffic as they are stateful, although you can be more granular than that.
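A minimal model of the stateful behaviour this answer describes, as an added example that is not part of the original post: one rule allows new connections to tcp/3000, and the server's reply (source port 3000, destination port 2000) is matched against the session table instead of a second rule. The addresses, class and function names are constructed for illustration; real firewalls also track TCP state and timeouts, which this sketch omits apart from RST teardown.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    flags: str  # TCP flags: "S"=SYN, "SA"=SYN+ACK, "A"=ACK, "R"=RST

class StatefulFirewall:
    """Toy connection tracker (hypothetical, for illustration only)."""

    def __init__(self, allowed_services):
        self.allowed = set(allowed_services)  # (dst_ip, dst_port) open to new connections
        self.sessions = set()                 # 4-tuples, stored in the initiator's direction

    def check(self, p: Packet) -> str:
        fwd = (p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        rev = (p.dst_ip, p.dst_port, p.src_ip, p.src_port)
        session = fwd if fwd in self.sessions else rev if rev in self.sessions else None
        if session:
            if "R" in p.flags:                # RST tears the session down
                self.sessions.discard(session)
            return "allow (session)"
        # No session: only a bare SYN to an allowed service may create one.
        if p.flags == "S" and (p.dst_ip, p.dst_port) in self.allowed:
            self.sessions.add(fwd)
            return "allow (rule)"
        return "drop"

# Constructed addresses from the documentation ranges (RFC 5737).
CLIENT, SERVER = "192.0.2.10", "198.51.100.5"

def demo():
    fw = StatefulFirewall({(SERVER, 3000)})   # the only rule: client -> server tcp/3000
    packets = [
        Packet(CLIENT, 2000, SERVER, 3000, "S"),   # client opens the connection
        Packet(SERVER, 3000, CLIENT, 2000, "SA"),  # reply: ports simply swapped
        Packet(SERVER, 3000, CLIENT, 2001, "SA"),  # no matching session
        Packet(SERVER, 4000, CLIENT, 2000, "S"),   # server-initiated, no rule
        Packet(CLIENT, 2000, SERVER, 3000, "R"),   # client resets the connection
        Packet(SERVER, 3000, CLIENT, 2000, "A"),   # late reply after teardown
    ]
    return [fw.check(p) for p in packets]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```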
01-14-2020 11:30 PM - edited 01-14-2020 11:32 PM
Hi,
Thanks for your explanation.
Please let me know whether the scenario in the link below is different from your explanation. It is not a Cisco ASA firewall example. After reading the link below, I came up with the question in the above post. Is the link below related to passive FTP only, and not to other traffic?
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFeCAK
01-16-2020 12:35 PM
Hi,
Maybe this will help you