> I have a user (visiting director) who needs to check his email
> (Groupwise) from inside my firewall when he's onsite. The logs are
> below - I have tried opening his IP from the outside to port 427 and
> his IP from the inside port 1029 but it still hangs.

Care to post the config lines corresponding to those ACL entries, or
your whole config? Seems like you didn't allow the UDP traffic back
in.

Also, the 1029/1050 are ephemeral UDP ports chosen just for those
connection attempts. You likely won't be able to predict the client
UDP port, nor should you have to.

Per a quick search, GW might use:
• UDP and TCP ports 524
• UDP and TCP ports 427
• TCP 389
--Sandy
------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
mailto:swhitema dti.net
------------------------------------