Mary, I have Amanda server inside my LAN and Amanda client outside my LAN, with a firewall in between.
The firewall is configured as follow: - all rules are statefull (the first packet opens the connection in both directions and keep the connection open). - while the server is the first to contact the client on port 10080 (rule 4), it may takes a LONG time before the client replies. So the state in the firewall would timeout (after a couple of minutes). So forth I added rule 1 (eaxct reverse of rule 4) to allow the reply to come through. - I think I am missing the rules to do an amrecover from the client. Best regards, Olivier Connection from client to server 1) pass in quick proto udp from clientIP port = 10080 to serverIP keep state group 100 2) pass in quick proto tcp from clientIP to serverIP port = 10083 flags S keep state group 100 3) pass in quick proto tcp from clientIP to serverIP port = 10082 flags S keep state group 100 Connections from server to client 4) pass in quick proto udp from serverIP to clientIP port = 10080 keep state group 200 5) pass in quick proto tcp from serverIP to clientIP flags S keep state group 200