Opening ports for an app - not getting 2 way communication - I THINK!
Posted on 2004-10-13
Here's the deal. I have an application hosted in my company's hosting center. They are set up with a private network - separate from the rest of the company. They have external addresses that are NAT'd to an internal network - 10.x.x.x
I'm not sure of the version - but I know it's a late model PIX that's being used as the firewall.
So, my application needs ports 20000 and 20001 open. They have opened the ports. (I can actually test port 20000 by telnetting to it - and it gives me access.)
Now the app vendor is telling me that the firewall config needs to be "tweaked" possibly with filters to ensure that the outgoing packets can get back through the firewall. I just want to run this by you to see if that makes sense. My hosting guy says that they don't do any "egress filtering".
Does this make sense that I'll need to have him add a specific command to allow these ports to get back out? I'm not sure of the exact command he's using now - but when I saw it, it was something like allow ports range 20000 200001, etc...