Solved: External Port Help - Basic Question

ttl_expired_ · ‎03-23-2011

Hi Guys,

I am new to seting up SA-2500's using the External and Internal port. I understand the concept of having the External in the DMZ and the internal in the trusted network.

My Question is how does the box figure out what traffic goes out what port? I noticed that both ports have a default gateway setup. How does the box know to send traffic out the internal port of the external port?

ie) A user on the internet comes in, hits the internal port. The return traffic will now follow the default gateway which is now two routes, which wins?

I know there is a basic answer but the docs are brutal for explaining this basic level of operation.

Thanks!

ruc_ · ‎03-23-2011

The box is hardened to not send traffic to backend (internal network) via the external interface. It will always use the internal interface and gateway on internal interface to talk to the backend stuff (though you could override this using static routes on the internal interface route table)

The external port is only to receive user requests and respond to user. By default its never used for internal communication.

View solution in original post

ruc_ · ‎03-23-2011

The box is hardened to not send traffic to backend (internal network) via the external interface. It will always use the internal interface and gateway on internal interface to talk to the backend stuff (though you could override this using static routes on the internal interface route table)

The external port is only to receive user requests and respond to user. By default its never used for internal communication.

External Port Help - Basic Question

External Port Help - Basic Question

Re: External Port Help - Basic Question

Re: External Port Help - Basic Question