Ranges to allow through server firewall

Frontend (public) network:
Ports to allow:
ICMP – ping (for support troubleshooting)
All TCP/UDP ports

Backend (private) Network:
IP block: your private IP block for server to server communications (10.X.X.X/X)
Ports to allow:
ICMP – ping (for support troubleshooting)
All TCP/UDP ports

Service Network: (on backend/private network)
ICMP – ping (for support troubleshooting)
161/TCP – SNMP (server metrics)
161/UDP – SNMP (server metrics)
623/TCP – IPMI (server control)
623/UDP – IPMI (server control)
3389/TCP – Terminal services (for support access)
22/TCP – SSH (for support access) If you run SSH on a different port please allow that port instead.

SSL VPN network: (on backend/private network)
IP block: 10.1.0.0/16 (255.255.0.0) – dynamic IP range of the VPN users
ICMP – ping (for support troubleshooting)
All TCP/UDP ports (for access from your local workstation)

  • Email, SSL
  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

Hardware Firewall configuration

A Hardware Firewall is a network device that is connected upstream from a server. The Firewall...

How to install APF (Advanced Policy Firewall)

What is APF (Advanced Policy Firewall)? APF FirewallAPF is a policy based iptables firewall...

How do I enable/disable my Iptables firewall?

To start IP tables on your RedHat server,# service iptables startYou can run the following...

Can I load balance servers that are behind a firewall?

Yes, in proxy mode your servers can live anywhere and as long as you can get to the real port you...

Howto Install B.F.D Brute Force Detection

wget http://oratoronline.com/how2/BFD/bfd-current.tar.gz tar -xvzf bfd-current.tar.gz cd bfd-0.7...