Interesting. Not that I really WANT to get back into server stuff, but
nevertheless.....

comment or two below:


"Elijah Savage III" wrote in message
news:[EMAIL PROTECTED]...
> Not thinking clearly. I was not thinking on my last question, forget I
> asked. I know I will have to use the ip forward-protocol udp command to get
> this port through, but what I neglected to say was the initial broadcast
> is on port 42508 to the client from the server, the client then responds
> on port 42509 to the server, then there is an RPC call on 42510 between
> the client and the server. Do we need to use the ip forward-protocol command
> in both directions for all 3 ports?

Ports are TCP, broadcasts and directed broadcasts are IP. When the doc says
"broadcast ports" we need to be careful to discern what they really mean.
My first guess is that if you have existing access-lists on routers, then
you need to add lines such as:

access-list 101 permit TCP host [antivirus_server_ip] any eq 42508
etc
etc

For the situation of the single server that is hitting the internet site for
new definitions, a conduit needs to be open for that particular host.

I'm asking because I am unsure myself - for a directed broadcast - it looks
like the defaults have changed. I haven't looked at this in a while. It
appears you enable forwarding port by port. IIRC, it used to be that when
you enable a forward-protocol there were several things that were enabled
automatically. If that is so, this may be less troublesome and less insecure
than was true previously.


HTH

Chuck




> I just can't believe with all the routers on our network we have to
> implement something like this. Has anyone else out there used the
> product I mentioned in my earlier email.
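
Added example, not part of either poster's message: a sketch of the IOS configuration this thread is discussing, assuming the 42508 discovery broadcast is UDP (as the question's `ip forward-protocol udp` implies) and that the 42509 reply and the 42510 RPC are unicast, so only 42508 needs broadcast forwarding. All addresses, interface names and ACL numbers are constructed placeholders.

```cisco
! Added example. Addresses, interfaces and ACL numbers are constructed.
! Assumed: server 192.0.2.10 behind Fa0/0 of R1; clients on 198.51.100.0/24
! behind Fa0/1 of R2; the 42508 discovery broadcast is UDP.
!
! --- R1 (server-side router) ---
! Forward only the product's broadcast port. Once a helper address is
! configured, IOS also relays a default set of UDP broadcasts; the
! "no" lines below switch off the ones listed.
ip forward-protocol udp 42508
no ip forward-protocol udp tftp
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
!
interface FastEthernet0/0
 ! Relay the server's local broadcast to the client subnet's
 ! directed-broadcast address.
 ip helper-address 198.51.100.255
!
! --- R2 (client-side router) ---
! Expand the directed broadcast onto the LAN only for this one server
! and this one port.
access-list 110 permit udp host 192.0.2.10 any eq 42508
!
interface FastEthernet0/1
 ip directed-broadcast 110
!
! The client reply on 42509 is assumed to be unicast, so it needs no
! forwarding statement, only a permit in any existing filter on the path.
! Protocol and direction are assumptions; a matching line for the 42510
! RPC depends on which side initiates it.
access-list 101 permit udp 198.51.100.0 0.0.0.255 host 192.0.2.10 eq 42509
```

Restricting `ip directed-broadcast` with an access list keeps the client segment from expanding directed broadcasts sent by any other source.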




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51809&t=51807
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]