Howto13r1:Firewall Settings: Difference between revisions

From innovaphone wiki
(New page: <!-- Keywords: firewall settings, ports, workload, turn config, policies, firewall rules, firewall --> ==Applies To== This information applies to V13 and up ==More Information== Here we...)
 
Line 19: Line 19:


{| class="wikitable" border="1" cellspacing="0" cellpadding="10"
{| class="wikitable" border="1" cellspacing="0" cellpadding="10"
! style="background-color: #EAECF0;text-align:center"|WAN -> DMZ (Reverse Proxy) !! style="background-color: #EAECF0;text-align:center"|DMZ (Reverse Proxy) -> inside (PBX) !! style="background-color: #EAECF0;text-align:center"|DMZ (Reverse Proxy) -> inside (Application Platform) !! style="background-color: #EAECF0;text-align:center"|DMZ (Reverse Proxy) -> WAN !! style="background-color: #EAECF0;text-align:center"|inside -> DMZ (Reverse Proxy)
! style="background-color: #EAECF0;text-align:center"|WAN &rArr; DMZ (Reverse Proxy) !! style="background-color: #EAECF0;text-align:center"|DMZ (Reverse Proxy) &rArr; inside (PBX) !! style="background-color: #EAECF0;text-align:center"|DMZ (Reverse Proxy) &rArr; inside (Application Platform) !! style="background-color: #EAECF0;text-align:center"|DMZ (Reverse Proxy) &rArr; WAN !! style="background-color: #EAECF0;text-align:center"|inside &rArr; DMZ (Reverse Proxy)
|-
|-
| STUN/TURN (udp/tcp/3478) || / || / || / || STUN/TURN (udp/tcp/3478)
| STUN/TURN (udp/tcp/3478) || / || / || / || STUN/TURN (udp/tcp/3478)
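Review bot: the header row now uses `&rArr;` in all five column titles, but nothing in the table says what the arrow stands for. A one-line legend stating that it marks the direction in which the connection is initiated would let readers turn each column into a firewall rule without guessing. The `style="background-color: #EAECF0;text-align:center"` attribute repeated on every header cell could also move to a shared class so that later edits to the titles stay readable in diffs.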

Revision as of 13:59, 19 August 2019

Applies To

This information applies to

V13 and up

More Information

This article gives an overview of the ports and protocols required for a reverse proxy in a DMZ.

In this scenario the reverse proxy sits in a DMZ that has a link to both the WAN and the LAN.

Configuration


{| class="wikitable"
! WAN ⇒ DMZ (Reverse Proxy) !! DMZ (Reverse Proxy) ⇒ inside (PBX) !! DMZ (Reverse Proxy) ⇒ inside (Application Platform) !! DMZ (Reverse Proxy) ⇒ WAN !! inside ⇒ DMZ (Reverse Proxy)
|-
| STUN/TURN (udp/tcp/3478) || / || / || / || STUN/TURN (udp/tcp/3478)
|-
| LDAPS (tcp/636)<br>optionally LDAP (tcp/389) if you need plaintext<br>needed if you want to offer LDAP lookups || LDAPS (tcp/636)<br>optionally LDAP (tcp/389) if you need plaintext<br>needed if you want to offer LDAP lookups || LDAPS (tcp/636)<br>optionally LDAP (tcp/389) if you need plaintext<br>needed if you want to offer LDAP lookups || / || /
|-
| HTTPS (tcp/443)<br>optionally HTTP (tcp/80) if you need plaintext<br>needed if you want to offer myApps<br>please also allow wss/ws (WebSocket) connections || HTTPS (tcp/443)<br>optionally HTTP (tcp/80) if you need plaintext<br>needed if you want to offer myApps<br>please also allow wss/ws (WebSocket) connections || HTTPS (tcp/443)<br>optionally HTTP (tcp/80) if you need plaintext<br>needed if you want to offer myApps<br>please also allow wss/ws (WebSocket) connections || / || HTTPS (tcp/<your custom port>)<br>Advanced UI admin access
|-
| H.323 (tcp/1300)<br>optionally HTTP (tcp/1720) if you need plaintext<br>needed if you want to offer phone registrations || H.323 (tcp/1300)<br>optionally HTTP (tcp/1720) if you need plaintext<br>needed if you want to offer phone registrations || / || / || /
|-
| SIPS (tcp/5061)<br>optionally LDAP (tcp/5060) if you need plaintext<br>needed only if you want to accept SIP registers || SIPS (tcp/5061)<br>optionally LDAP (tcp/5060) if you need plaintext<br>needed only if you want to accept SIP registers || / || SIPS (tcp/5061)<br>optionally LDAP (tcp/5060) if you need plaintext<br>needed if you want to register a SIP trunk from the RP to the provider || /
|-
| / || / || / || RTP (udp/16384-32767)<br>needed if you want to register a SIP trunk from the RP to the provider || RTP (udp/16384-32767)<br>needed if you want to register a SIP trunk from the RP to the provider
|}
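The port matrix above can double as an allowlist for reviewing an existing rule set. The following is an added example, not code from the innovaphone wiki or product: it encodes the table as data and flags allow-rules that are broader than the table, that skip the reverse proxy, or that only match a plaintext variant. The zone keys, the rule tuple layout and the sample rules (including 8443 as a stand-in for `<your custom port>`) are assumptions.

```python
# Added example: audit firewall allow-rules against the port matrix above.
# Zone keys ("wan", "dmz", "pbx", "ap", "inside") and the rule tuple layout
# are assumptions of this sketch, not innovaphone identifiers.

def build_matrix(admin_port):
    """{(src, dst): [(proto, low, high, plaintext_variant)]} from the table."""
    stun = [("udp", 3478, 3478, False), ("tcp", 3478, 3478, False)]
    ldap = [("tcp", 636, 636, False), ("tcp", 389, 389, True)]
    web = [("tcp", 443, 443, False), ("tcp", 80, 80, True)]
    h323 = [("tcp", 1300, 1300, False), ("tcp", 1720, 1720, True)]
    sip = [("tcp", 5061, 5061, False), ("tcp", 5060, 5060, True)]
    rtp = [("udp", 16384, 32767, False)]
    admin = [("tcp", admin_port, admin_port, False)]
    return {
        ("wan", "dmz"): stun + ldap + web + h323 + sip,
        ("dmz", "pbx"): ldap + web + h323 + sip,
        ("dmz", "ap"): ldap + web,
        ("dmz", "wan"): sip + rtp,
        ("inside", "dmz"): stun + admin + rtp,
    }

def audit(rules, matrix, allow_plaintext=False):
    """Return (rule, reason) for every rule the matrix does not justify."""
    findings = []
    for rule in rules:
        src, dst, proto, low, high = rule
        # A rule is justified only if one table entry covers its whole range.
        hits = [e for e in matrix.get((src, dst), [])
                if e[0] == proto and e[1] <= low and high <= e[2]]
        if not hits:
            findings.append((rule, "not in matrix"))
        elif not allow_plaintext and all(e[3] for e in hits):
            findings.append((rule, "plaintext variant"))
    return findings

# Constructed sample rule set; 8443 stands in for <your custom port>.
SAMPLE_RULES = [
    ("wan", "dmz", "tcp", 443, 443),
    ("wan", "dmz", "tcp", 80, 80),
    ("dmz", "pbx", "tcp", 1, 65535),
    ("wan", "pbx", "tcp", 443, 443),
    ("dmz", "wan", "udp", 16384, 32767),
    ("inside", "dmz", "tcp", 8443, 8443),
]

if __name__ == "__main__":
    for rule, reason in audit(SAMPLE_RULES, build_matrix(admin_port=8443)):
        print(reason, rule)
```

Passing `allow_plaintext=True` accepts the optional plaintext ports for deployments that need them; rows for services that are not offered can be dropped from the matrix before auditing.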

Related Articles