We have an application that negotiates a different port over time. We want to lock down our firewall to particular port(s), but this seems impossible to do with this app. I know we can use inspection (fixup) on ftp, dns, sip, ... However, the application we're using is just some not-so-popular/standard software.
Basically, this is how the client/server talk:
- Client always initiates the conversation with Server on UDP port 19777 (I made this up) -> Server will tell Client "talk to me using UDP/3331" -> Client then starts talking to server UDP/3331 until end of conversation.
Any ideas would be appreciated.
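
The state an inspection (fixup-style) rule would have to keep for the exchange described in the question, as an added example that is not part of the original post and not any firewall vendor's code. The post gives no wire format, so the `USE <port>` reply, the 30-second idle timeout, the unprivileged-port restriction and the `PinholeFirewall` class are all assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field

CONTROL_PORT = 19777   # control port from the post (the poster made it up)
PINHOLE_TTL = 30.0     # assumed idle timeout, in seconds
# Hypothetical reply format: the post does not say how the server names the port.
REDIRECT = re.compile(rb"^USE (\d{1,5})$")

@dataclass
class PinholeFirewall:
    # (client_ip, server_ip, server_port) -> expiry time of the temporary rule
    pinholes: dict = field(default_factory=dict)
    # (client_ip, server_ip) pairs where the client opened the control channel
    # (simplification: control state never expires in this sketch)
    control: set = field(default_factory=set)

    def allow(self, now, src, sport, dst, dport, payload=b""):
        """Return True if this UDP datagram passes the policy."""
        # Static rule: client -> server on the control port.
        if dport == CONTROL_PORT:
            self.control.add((src, dst))
            return True
        # Server reply on the control channel, only if the client started it.
        if sport == CONTROL_PORT and (dst, src) in self.control:
            m = REDIRECT.match(payload)
            # Open a pinhole only for an unprivileged port (assumed policy),
            # bound to this exact client/server pair.
            if m and 1024 <= int(m.group(1)) <= 65535:
                self.pinholes[(dst, src, int(m.group(1)))] = now + PINHOLE_TTL
            return True
        # Data channel: either direction, only through a live pinhole.
        for key in ((src, dst, dport), (dst, src, sport)):
            if self.pinholes.get(key, 0) > now:
                self.pinholes[key] = now + PINHOLE_TTL  # refresh on traffic
                return True
            self.pinholes.pop(key, None)  # drop expired entry, if any
        return False
```

Everything outside UDP/19777 stays closed until the server names a port, and the temporary rule is scoped to one client/server pair and removed after the idle timeout.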