Solved

Firewall Rule UDP - what is send/receive and such?

Posted on 2008-10-29
6
1,657 Views
Last Modified: 2013-11-29
When creating an access rule for a firewall, UDP traffic can be specified as Send, Receive, Send/Receive or Receive/Send. Can someone provide or reference the definition of each, and how to select the right one for a given access rule?
0
Comment
Question by:Vadim Rapp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 22838642
Hey mate - your on the wrong side of the table aren't you?  lol

Bear in mind that UDP is a connectionless protocol, so unlike tcp which has the three-way handshake to establish communications, udp has to have a different method of working.

For ISAS rules, it operates from the standpoint that you are sitting inside the ISA server.....
for  example.

send is outbound from inside to external
receive is from external to internal
however, send is ALSO inbound OR outbound when the source is ISA itself.
receive is ALSO inbound OR outbound when the destination is ISA itself.

the send/receive  and receive/send are exactly the same as above but allow a response to return back through the filters.

Hope that clarifies a little?

Keith
0
 
LVL 40

Author Comment

by:Vadim Rapp
ID: 22839770
> the send/receive  and receive/send are exactly the same as above but allow a response to return back through the filters.
if it's connectionless, how does it know it's the response? maybe just timing coincidence?
0
 
LVL 40

Author Comment

by:Vadim Rapp
ID: 22839785
however, send is ALSO inbound OR outbound when the source is ISA itself.receive is ALSO inbound OR outbound when the destination is ISA itself.

Didn't quite follow this one, could you clarify a little, maybe with example.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 22843664
Although it is connectionless - ISA still makes a session so records that it has had an outbound or inbound request

For your second query, if the traffic is flowing between internal to external OR external to internal it passes 'through' the ISA interfaces from one area to the other.

However, what if the udp traffic is actually coming FROM the ISA server itself  ie localhost?

It would not matter if ISA was sending the traffic internally or if ISA sent it externally, in each case the localhost (ISA) is SENDING the traffic. Likewise, if the recipient of the UDP traffic was the ISA ITSELF, regardless of whether the traffic was coming from the internal interface OR the external interface, ISA/localhost would be RECEIVING the udp traffic.
0
 
LVL 40

Author Closing Comment

by:Vadim Rapp
ID: 31511248
Thanks, I see.

Re. being on the wrong side of the table - I guess EE's intent was exactly the _exchange_, rather than assisting the illiterate...
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 22843931
lol - hardly. Just used to seeing you answering questions rather than asking them :)
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question