Firewall Rule Question

Spooter · 5 Aug 2013 at 13:28

Hi all,

Probably a silly question but just checking.

I have some dropped traffic from a source PC which I need to allow through.

I have the destination IP address and the service port is http but the source port is 18825.

We allow outgoing http traffic so I assume I need to allow the source port as http 80 isn't blocked.

Source to Destination on Port 18825 allow

Thanks

Little_Crow · 5 Aug 2013 at 13:37

Source connections come from a high numbered port and will change all the time, check it again and you'll probably find the source port has incremented.
It would be a rare outgoing connection that used the same port every time.

Without knowing more it'd be hard to advise further, but don't do a block based on source port, it won't end well.

GhostlyPea · 5 Aug 2013 at 13:47

What firewall is it and can you post a copy of your rulebase with anything private scrubbed out

- GP

anything I don't mind · 6 Aug 2013 at 11:55

You rarely need to allow outgoing source ports on a firewall, it would be the destination port on outgoing. What service is it for, what application are you trying to pass? Maybe it has an incoming port that needs to be opened.

blastman · 14 Aug 2013 at 17:53

best thing to do would be to look through your logs on your FW and see why the incoming traffic is being blocked. ie, what current rule is stopping it?

then you'll know what to edit to all the app/service to work.