Knowledgebase

Ranges to allow through server firewall

Frontend (public) network:
Ports to allow:
ICMP – ping (for support troubleshooting)
All TCP/UDP ports

Backend (private) Network:
IP block: your private IP block for server to server communications (10.X.X.X/X)
Ports to allow:
ICMP – ping (for support troubleshooting)
All TCP/UDP ports

Service Network: (on backend/private network)
ICMP – ping (for support troubleshooting)
161/TCP – SNMP (server metrics)
161/UDP – SNMP (server metrics)
623/TCP – IPMI (server control)
623/UDP – IPMI (server control)
3389/TCP – Terminal services (for support access)
22/TCP – SSH (for support access) If you run SSH on a different port please allow that port instead.

SSL VPN network: (on backend/private network)
IP block: 10.1.0.0/16 (255.255.0.0) – dynamic IP range of the VPN users
ICMP – ping (for support troubleshooting)
All TCP/UDP ports (for access from your local workstation)

Was this answer helpful?

 Print this Article

Also Read

How to install APF (Advanced Policy Firewall)

What is APF (Advanced Policy Firewall)? APF FirewallAPF is a policy based iptables firewall...

Brute Force Detection

BFD -- Brute Force Detection BFD is a shell script which parses security logs and detects...

Howto Install B.F.D Brute Force Detection

wget http://oratoronline.com/how2/BFD/bfd-current.tar.gz tar -xvzf bfd-current.tar.gz cd bfd-0.7...

Configure APF Firewall

A firewall is a very good idea for a server. Though many people think that a firewall is...

Hardware Firewall configuration

A Hardware Firewall is a network device that is connected upstream from a server. The Firewall...