It would seem to be very strange indeed that the ADSM server should chose
ports at random in order to create the connetion. If this is the case then
it is with all due respects bad programing on behalf of the ADSM people.

Can you see what ports are being accessed by the ADSM server when you try
and perform a manuall backup on the FW log screen ?

Are all the ports in a single scope, as in, are they say from 5000 to 5050
or similar ? If so, you can define a group of ports for use on the FW.

Also, are you sure that what needs to be defined is TCP ports 5000 and 5001
and not also UDP ports on the FW ?

Mike

> -----Original Message-----
> From: Serra Benedetto [SMTP:b.serra AT SARITEL DOT IT]
> Sent: ? ??? 28 2000 15:10
> To:   ADSM-L AT VM.MARIST DOT EDU
> Subject:      Problems with Firewall Checkpoint-1
>
> We have some problems with the connection of four ADSM client which are
> behind a firewall CheckPoint-1.
>
> The Clients ADSM use not only the 1500 and 1501 ports but also other
> ports,
> assigned dynamically (random). In fact, when we restrict the allowed TCP
> ports to 1500 and 1501, the backup fails randomly.
>
> As we wouldn't like to use any-to-any on the firewall rules, (as we are
> doing now), is there a better solution?
> Many thanks for your help.
>
> B. Serra
> R. Pazzi