Ok,.. thanks for your reply.
Your post is clear to me.
I thought if i – for example – define a rule from eth04 (outside) to eth03 (dmz) to allow rdp (3389) to a host, the firewall inspects the session and if it is established it allows the way back automatically. It is afterall established, but in this case, the way back if have to define myself with a second rule.
PS:”No, im not a xKerio-user, in fact… i dont even know what that is … 😆 “.