> Chapter 20 - Parallel Path Processing - Life of a Packet > Example 1 Client/Server Connection
Client/Server connection packet flow example
The following example illustrates the flow of a packet that is part of a session between a client and a web server with authentication, FortiGuard Web Filtering and antivirus.
Initiating connection from client to web server
- Client sends packet to web server.
- The packed is routed to a FortiGate interface.
- DoS sensor checks to ensure the sender is valid and not attempting a denial of service attack.
- IP integrity header checking. If the packet is OK it continues, otherwise it is dropped.
- Routing.
- Policy lookup.
- User authentication.
- Proxy-based inspection:
- FortiGuard Web Filtering (FortiGuard web filtering lookup)
- Antivirus
- Source NAT changes the source address to the FortiGate IP address.
- Routing.
- Interface transmission to network.
- Packet forwarded to web server.
Response from web server
- Web Server sends response packet to client.
- The packed is routed to a FortiGate interface.
- DoS sensor checks to ensure the sender is valid and not attempting a denial of service attack.
- IP integrity header checking. If the packet is OK it continues, otherwise it is dropped.
- Stateful inspection recognizes the packet is part and an established session.
- Source NAT changes the destination address from the FortiGate interface back to the client IP address
- Proxy-based inspection:
- FortiGuard Web Filtering (FortiGuard Web Filtering lookup)
- Antivirus
- Packet is routed to the client.
- Interface transmission to network
- Packet returns to client
Life of a packet - Client/server connection