cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
201
Views
0
Helpful
1
Replies

fixup type question

chrish
Level 1
Level 1

I am setting up an ASA 5520 presently with 7.0 on it I am planning to upgrade to 7.2.

From an outside client I have opened up a sqlnet port (1521) to an inside server.However the login process from client to server initiates a 2nd connection which is somewhat dynamic. On the 2nd connection the source port gets incremented by 1 but the destination port is somewhat unpredictable.The first attempt from the client (of which there will be many)attempted a connection at 3964 and then it incremented from there at unpredictable increments at all attempts afterward.All being blocked of course by the FW.I can simply open ports above 3960 for example and it will work but my question is given both the source and destination port numbers change is there any way of temporarily opening these higher ports and then shutting them down similar in the way the fixup command would do it if the source port wasn't changing?

1 Reply 1

mmorris11
Level 4
Level 4

Not that I am aware of. I would suggest using ssl vpn for this. It will be a simpler and more secure approach, I think.

HTH

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: