From: "Carlos Andrade"
Sender: owner-freebsd-ipfw@FreeBSD.ORG
Subject: paranoia sets in...
Date: Fri, 15 Dec 2000 16:03:50 -0700
Message-ID: <000001c066eb$4a3f8b40$fa01a8c0@rjstech.com>

I just realized something....

We have here at our work a Citrix Metaframe server that we will be putting behind the firewall. How do I tell the clients on the other side of the firewall what address to connect to the server if I am using NAT? For that matter, I need to allow the following traffic; should I make them specific rules? I am such a nag.....

The following is a list of TCP/IP and UDP ports that must be open on firewalls and routers for ICA packets to pass through:

TCP/IP port 1494 (inbound)
    (${fwcmd} add xxxxx pass tcp from any to ${oip} 1494 ??? )
UDP port 1604 (inbound and outbound)
Outbound (from the server to the client) ports 1023 and above (a maximum of 65535) for both TCP/IP & UDP

----
Carlos A. Andrade
IS Manager
RJS Technologies
915.845.5228 ext 13
915.845.2119 fax
carlos@rjstech.com