Howto13r1:Firewall Settings: Difference between revisions

From innovaphone wiki
Jump to navigation Jump to search
(New page: <!-- Keywords: firewall settings, ports, workload, turn config, policies, firewall rules, firewall --> ==Applies To== This information applies to V13 and up ==More Information== Here we...)
(No difference)

Revision as of 13:45, 19 August 2019

Applies To

This information applies to

V13 and up

More Information

Here we would like to give an overview of the necessary ports and protocols for a reverse proxy in a DMZ.

The scenario would be that a reverse proxy is used in a DMZ. The DMZ has a link to the WAN and LAN.

Configuration


WAN -> DMZ (Reverse Proxy) DMZ (Reverse Proxy) -> inside (PBX) DMZ (Reverse Proxy) -> inside (Application Platform) DMZ (Reverse Proxy) -> WAN inside -> DMZ (Reverse Proxy)
STUN/TURN (udp/tcp/3478) / / / STUN/TURN (udp/tcp/3478)
LDAPS (tcp/636)

optionally LDAP (tcp/389) if you need plaintext
needed if you want offer LDAP lookups

LDAPS (tcp/636)

optionally LDAP (tcp/389) if you need plaintext
needed if you want offer LDAP lookups

LDAPS (tcp/636)

optionally LDAP (tcp/389) if you need plaintext
needed if you want offer LDAP lookups

/ /
HTTPS (tcp/443)

optionally HTTP (tcp/80) if you need plaintext
needed if you want offer myApps
please also allow wss/ws (websocket) connections

HTTPS (tcp/443)

optionally HTTP (tcp/80) if you need plaintext
needed if you want offer myApps
please also allow wss/ws (websocket) connections

HTTPS (tcp/443)

optionally HTTP (tcp/80) if you need plaintext
needed if you want offer myApps
please also allow wss/ws (websocket) connections

/ HTTPS (tcp/<your custom port>)

Advanced UI admin access

H.323 (tcp/1300)

optionally HTTP (tcp/1720) if you need plaintext
needed if you want offer Phone registrations

H.323 (tcp/1300)

optionally HTTP (tcp/1720) if you need plaintext
needed if you want offer Phone registrations

/ / /
SIPS (tcp/5061)

optionally LDAP (tcp/5060) if you need plaintext
needed only if you want to accept SIP registers

SIPS (tcp/5061)

optionally LDAP (tcp/5060) if you need plaintext
needed only if you want to accept SIP registers

/ SIPS (tcp/5061)

optionally LDAP (tcp/5060) if you need plaintext
needed if you want to register a SIP Trunk from the RP to Provider

/
/ / / RTP (udp/16384-32767)

needed if you want to register a SIP Trunk from the RP to Provider

RTP (udp/16384-32767)

needed if you want to register a SIP Trunk from the RP to Provider

Related Articles

Retrieved from "https://wiki.innovaphone.com/index.php?title=Howto13r1:Firewall_Settings&oldid=53247"