
stateful traffic ports

Not sure I understand what's going on, but it seems like I am having issues with ports 21778 and 21779 on the same network where I had to bypass stateful traffic.

 

1. With XG in transparent mode between the old firewall and a router that passes traffic - bypass stateful traffic between LAN > WLAN and WLAN > LAN (no problems)

2. With XG in gateway mode using the router as a gateway to the datacenter, the traffic with ports 21778 and 21779 is having problems

3. With XG in transparent mode, 21778 and 21779 were not having problems; actually had to enter bypass stateful traffic to fix it. Before entering the bypass stateful rule, the lab interfaces would time out and I had to restart the xyplex terminal server for them to open back up.

The lab interface is 172.16.176.46

The NAT on the router is 10.141.12.6 - 172.16.176.46

The terminal server is using 10.255.1.71 as a dedicated service.

I don't know, still looking at it...



  • Well, I ended up calling another datacenter that is pretty close to ours.

    The lab interface has a NAT.

    The xyplex terminal server has a LAN IP.

    The xyplex terminal uses a server in the datacenter as a dedicated service to send data to.

    That server routes the data to the production server.

    The firewall uses an on-the-premises datacenter router as a gateway to route this lab interface's traffic to the datacenter network.

    It's crazy how many ports are involved in this process.

    We got 2001, 3200, 3326, 3700, 4474 that I see when doing a tcpdump.

    CompanyXYZ uses ports 21778 and 21779, which have nothing to do with the XG since it's all done in the datacenter.

    The TCP connection from the interface to the xyplex terminal server times out after 10 mins. Somehow the XG isn't letting Meditech re-open the port.

    That port is designed to be open and closes automatically from CompanyXYZ.

  • Hold on, I hope this is what's happening...

    The application will close an open port if it's stale for 10 minutes, then re-open / close as needed...

    Could the XG be shutting down the port before it can, which then makes it where it can't re-open the port because the connection got broken?
