I am having trouble with Sun Unix NFS and NIS between two servers, one that is outside the firewall (192.168.20.1) and the NFS/NIS server (192.168.10.1) that is inside. Even though I have NFS selected as an allowed protocol, it appears that we get frequent denials from the inside zone to the outside zone between these two servers on high port numbers. So rather than fight this, I added a rule as follows using SDM. My question is... Is this the proper way to specify a zone based rule where I want to allow ALL protocols? SDM says if you do not specifically ADD a protocol, it allows ALL protocols; however, if you look further below at my syslog, it is obvious that this is not working. I have also noticed that the cause of this is due to a Stray Segment with ip ident 0. Can anyone tell me if this is due to my rule or what could cause a "stray segment" if that is the cause? Thanks in advance.