Is there anything special I have to do to allow a windows 2000 server using w32 time service (SNTP) to access a time server through the outside interface of a PIX? I would like to accomplish this using only PAT on the outside interface's IP address, but I'm not sure if PAT will stay loyal to the UDP port 123 restriction (especially if we're running PAT on the outside interface's IP address).
Are there any access lists that have to be set up? My understanding is that the server on the inside will always initiate contact with the outside server and wait for a response. So the inbound packet should always be a response to a packet instead of really being an outside source trying to contact a server on the inside.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...