Difference Between Server Destination Ports and Client Destination Port

Hi All,

I often see Different port Number for Client Destination Port and Server Destination Port in the same log while checking Firewall insights. Which port is the correct Destination port for that particular traffic.

We have to restrict the traffic to certain allowed ports in our organisation, I have mostly been relying on server ports while checking the logs, but I am still not sure if that is the correct diagnosis.

Regards,
Hemant

Hi Hemant,
Both Client Destination Ports and Server Destination Ports should remain the same, as this is usually tied to the network service being accessed, e.g. UDP/123 for NTP. If however you have NAT rules changing this behaviour, that would explain seeing server destination ports differ from the original client destination ports.

HTH