External Port Help - Basic Question

SOLVED
ttl_expired_
Occasional Contributor

Hi Guys,

I am new to setting up SA-2500's using the External and Internal port. I understand the concept of having the External in the DMZ and the internal in the trusted network.

My question is how does the box figure out what traffic goes out what port? I noticed that both ports have a default gateway setup. How does the box know to send traffic out the internal port or the external port?

i.e., a user on the internet comes in, hits the internal port. The return traffic will now follow the default gateway which is now two routes, which wins?

I know there is a basic answer but the docs are brutal for explaining this basic level of operation.

Thanks!

1 ACCEPTED SOLUTION

ruc_
Regular Contributor

Re: External Port Help - Basic Question

The box is hardened to not send traffic to backend (internal network) via the external interface. It will always use the internal interface and gateway on internal interface to talk to the backend stuff (though you could override this using static routes on the internal interface route table).

The external port is only to receive user requests and respond to user. By default it's never used for internal communication.
