Solved

Firewall Rule UDP - what is send/receive and such?

Posted on 2008-10-29
Last Modified: 2013-11-29
When creating an access rule for a firewall, UDP traffic can be specified as Send, Receive, Send/Receive or Receive/Send. Can someone provide or reference the definition of each, and how to select the right one for a given access rule?
Question by:Vadim Rapp

Expert Comment

by:Keith Alabaster
ID: 22838642
Hey mate - you're on the wrong side of the table, aren't you? lol

Bear in mind that UDP is a connectionless protocol, so unlike TCP, which has the three-way handshake to establish communications, UDP has to have a different method of working.

For ISA rules, it operates from the standpoint that you are sitting inside the ISA server... for example:

send is outbound from inside to external
receive is from external to internal
however, send is ALSO inbound OR outbound when the source is ISA itself.
receive is ALSO inbound OR outbound when the destination is ISA itself.

The send/receive and receive/send are exactly the same as above but allow a response to return back through the filters.

Hope that clarifies a little?

Keith

Author Comment

by:Vadim Rapp
ID: 22839770
> the send/receive  and receive/send are exactly the same as above but allow a response to return back through the filters.
If it's connectionless, how does it know it's the response? Maybe just timing coincidence?

Author Comment

by:Vadim Rapp
ID: 22839785
> however, send is ALSO inbound OR outbound when the source is ISA itself.
> receive is ALSO inbound OR outbound when the destination is ISA itself.

Didn't quite follow this one; could you clarify a little, maybe with an example?

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 22843664
Although it is connectionless, ISA still makes a session, so it records that it has had an outbound or inbound request.

For your second query, if the traffic is flowing between internal to external OR external to internal it passes 'through' the ISA interfaces from one area to the other.

However, what if the UDP traffic is actually coming FROM the ISA server itself, i.e. localhost?

It would not matter if ISA was sending the traffic internally or if ISA sent it externally; in each case the localhost (ISA) is SENDING the traffic. Likewise, if the recipient of the UDP traffic was the ISA ITSELF, regardless of whether the traffic was coming from the internal interface OR the external interface, ISA/localhost would be RECEIVING the UDP traffic.
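
How a firewall can recognise a UDP reply without a connection, as an added example that is not part of the original thread and is not ISA Server's own code: a simplified model that records each permitted request's address/port tuple and accepts only the mirrored tuple, within an idle timeout, as the response. The class and field names, the 60-second timeout and the sample addresses are assumptions; traffic sourced from or destined to the firewall itself is not modelled.

```python
from dataclasses import dataclass, field

IDLE_TIMEOUT = 60.0  # seconds; assumed value for illustration, not an ISA default


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

    def reversed(self):
        """The tuple a genuine reply to this packet would carry."""
        return Packet(self.dst, self.dport, self.src, self.sport)


@dataclass
class UdpRule:
    """One UDP access rule for traffic passing through the firewall."""
    port: int
    direction: str        # "Send", "Receive", "Send/Receive" or "Receive/Send"
    internal: frozenset   # hosts on the protected side (constructed sample data)
    flows: dict = field(default_factory=dict)  # request tuple -> last-seen time

    def _initiates(self, pkt):
        outbound = pkt.src in self.internal and pkt.dst not in self.internal
        inbound = pkt.src not in self.internal and pkt.dst in self.internal
        first_leg = outbound if self.direction.startswith("Send") else inbound
        return first_leg and pkt.dport == self.port

    def allow(self, pkt, now):
        # Expire pseudo-sessions that have been idle for too long.
        self.flows = {f: t for f, t in self.flows.items() if now - t <= IDLE_TIMEOUT}
        if self._initiates(pkt):
            if "/" in self.direction:   # two-way mode: remember the request
                self.flows[pkt] = now
            return True
        # A reply counts only if it mirrors a recorded request exactly.
        request = pkt.reversed()
        if request in self.flows:
            self.flows[request] = now
            return True
        return False
```
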

Author Closing Comment

by:Vadim Rapp
ID: 31511248
Thanks, I see.

Re. being on the wrong side of the table - I guess EE's intent was exactly the _exchange_, rather than assisting the illiterate...

Expert Comment

by:Keith Alabaster
ID: 22843931
lol - hardly. Just used to seeing you answering questions rather than asking them :)