problems with wireless interface on firewall

Archived from groups: comp.security.firewalls (More info?)

Hi,

I have a "firewall"-box configured as NAT-router/firewall/transparent
proxy which makes a connection to the internet with a WLAN card (to a
hotspot). In fact for the moment it's a Kerio Winroute firewall on a
Wintel box.

So the "firewall"-box has actually 2 interfaces. One wired (connected
to the internal LAN) and one USB wireless adapter which makes the
connection to the internet through an access point.

The connection setup works fine when the firewall is disabled but as
soon as I start the firewall I also start losing the connection. The
strange thing is that even though the Wireless monitor application
(that came with the WLAN card) indicates the it has no connection to
the internet anymore the clients behind the firewall can still connect
sometimes.

I have the same situation when I use the WLAN card on my PC and turn on
a personal firewall.

I assume that certain traffic cannot pass anymore once the firewall is
running and maybe that's why the connection is dropped after a while.

Now my question. What's the exact traffic flow involved in the
"connection setup" and "keep alive" of a wireless connection and which
ports need to be open on the firewall to keep the connection alive?

Of course I don't want to have any unnesessary ports opened on the
outside interface.

Thanx for your answer.