[Serusers] Changing the destination port
Klaus Darilion
klaus.mailinglists at pernau.at
Wed Apr 5 18:18:08 CEST 2006
Hi!
The firewall is doing PAT in one way, but does not remember the mapping
for the response. IMO this behavior it totally broken. Are you using
checkpoint - I had this problems several time with checkpoint firewall.
I solved it by kicking the firewall admin until he managed to disable
this broken behavior.
Thus, fix the firewall.
regards
klaus
Bruno Machado wrote:
> Hi all
>
> We are trying to install a firewall in our structure. The problem is:
> the firewall (between X.Y.Z.A and X.Y.Z.B) manipulates the packets, but
> it changes de SRC port when it sends to the SER (X.Y.Z.B).
>
>
> X.Y.Z.A:5060 ----> X.Y.Z.B:5060
> (dump in X.Y.Z.A)
>
> X.Y.Z.A:10080 ----> X.Y.Z.B:5060
> (doing a dump in X.Y.Z.B)
>
>
> When X.Y.Z.B answer to X.Y.Z.A, it uses the port 10080:
> X.Y.Z.B:5060 ----> X.Y.Z.A:10080
>
> It break the comunication, because X.Y.Z.A isnt listening at 10080.
> I need to force the SER to send the messages back to 5060. There are any
> way to do it?
>
> Thanks a lot.
>
> Bruno Machado
>
> __________________________________________________
> Faça ligações para outros computadores com o novo Yahoo! Messenger
> http://br.beta.messenger.yahoo.com/
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
More information about the sr-users
mailing list