I can start connections (ssh, ftp, http, etc) from an internal server to another in a DMZ. What I don't understand is how can the server in the DMZ be able to perform the tcp handshake or send packets back. How does it work?
Is the firewall configured to allow the DMZ to reach the internal net only if the connection was started by the internal network? Does this require a statefull firewall?
No comments:
Post a Comment