We have a source PI server in L3 network in restricted domain, and a destination PI server in L4 on a different domain. We would like to configure PI-PI interface to obtain data from the source L3 PI server. The PI-PI interface is to be configured on the L4 domain (destination end), on a dedicated interface node. We would have to raise requests with server team for enabling firewall rules for the data transfer through PI -PI between the interface node and the source L3 PI server. I have a query w.r.to the firewall rules here.
As the PI-PI interface is located on L4 node, do we need to have bidirectional rules enabled?
i.e. One rule from L4-->L3 server and another from L3-->L4 server?
Or is it sufficient to have the rules enabled for L4-->L3 only, as the connection request is initiated from the interface nodes at L4?
My understanding is that, we will need bidirectional rules enabled, as the connection request will be initiated from L4 to L3 server, and the data will be transferred from L3 to L4 PI server.
Please correct me with my understanding on the above.