Personally, I would have done it this way:
VNC Cust1:
tcp
source: 1024-65535
dest: 9040
stateful/ack: none

VNC Cust1 resp:
tcp
source: 9040
dest: 1024-65535
ack: enabled
Then I would have used VNC Cust1 from private to public, adding either
source or destination IP addresses if I wanted to tie the traffic to
specific hosts.
Next I would use VNC Cust1 resp from public to private, usually not
tying to specific hosts (since the outbound was already doing that).
For inbound, I would add another pair, but in the reverse direction for
public/private and the IP addresses.
What you did should have worked though. I would carefully use filter
debug or pktscan to track down the problem traffic getting filtered to
see what is wrong. Offhand I'd say there must be another port involved.
Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to
http://www.craigjconsulting.com ***
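
The outbound filter pair from the post above, modelled as an added example (not part of the original post and not BorderManager code) to show which packets each exception passes. It assumes a default-deny filter set and that "ack: enabled" means a packet matches only when its TCP ACK flag is set; the class names, interface labels and sample packets are constructed.

```python
from dataclasses import dataclass

HIGH_PORTS = (1024, 65535)
VNC_PORT = (9040, 9040)

@dataclass(frozen=True)
class Packet:
    src_if: str      # interface the packet arrives on
    dst_if: str      # interface it would leave on
    sport: int
    dport: int
    ack: bool        # TCP ACK flag

@dataclass(frozen=True)
class FilterException:
    name: str
    src_if: str
    dst_if: str
    sports: tuple
    dports: tuple
    ack_required: bool

    def matches(self, p: Packet) -> bool:
        return (p.src_if == self.src_if and p.dst_if == self.dst_if
                and self.sports[0] <= p.sport <= self.sports[1]
                and self.dports[0] <= p.dport <= self.dports[1]
                and (p.ack or not self.ack_required))

# The two exceptions from the post, applied in the outbound direction.
RULES = [
    FilterException("VNC Cust1", "private", "public", HIGH_PORTS, VNC_PORT, False),
    FilterException("VNC Cust1 resp", "public", "private", VNC_PORT, HIGH_PORTS, True),
]

def verdict(p: Packet, rules=RULES) -> str:
    """Name of the first matching exception, or DROP (assumed default deny)."""
    return next((r.name for r in rules if r.matches(p)), "DROP")

# Constructed sample packets (ports other than 9040 are made up for the demo).
SAMPLES = {
    "client SYN to 9040":         Packet("private", "public", 40000, 9040, False),
    "server SYN/ACK reply":       Packet("public", "private", 9040, 40000, True),
    "bare SYN sourced from 9040": Packet("public", "private", 9040, 40000, False),
    "inbound SYN to 9040":        Packet("public", "private", 40000, 9040, False),
    "client SYN to another port": Packet("private", "public", 40000, 9041, False),
}

if __name__ == "__main__":
    for label, pkt in SAMPLES.items():
        print(f"{label:28} -> {verdict(pkt)}")
```

The last two samples are the cases the post points at: inbound connections need their own reversed pair, and any additional port the application uses falls through to the default drop.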