fixup type question

Unanswered Question

I am setting up an ASA 5520 presently with 7.0 on it I am planning to upgrade to 7.2.

From an outside client I have opened up a sqlnet port (1521) to an inside server.However the login process from client to server initiates a 2nd connection which is somewhat dynamic. On the 2nd connection the source port gets incremented by 1 but the destination port is somewhat unpredictable.The first attempt from the client (of which there will be many)attempted a connection at 3964 and then it incremented from there at unpredictable increments at all attempts afterward.All being blocked of course by the FW.I can simply open ports above 3960 for example and it will work but my question is given both the source and destination port numbers change is there any way of temporarily opening these higher ports and then shutting them down similar in the way the fixup command would do it if the source port wasn't changing?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mmorris11 Wed, 08/02/2006 - 06:50
User Badges:
  • Silver, 250 points or more

Not that I am aware of. I would suggest using ssl vpn for this. It will be a simpler and more secure approach, I think.



This Discussion