Ranges to allow through server firewall

Frontend (public) network:
Ports to allow:
ICMP – ping (for support troubleshooting)
All TCP/UDP ports

Backend (private) Network:
IP block: your private IP block for server to server communications (10.X.X.X/X)
Ports to allow:
ICMP – ping (for support troubleshooting)
All TCP/UDP ports

Service Network: (on backend/private network)
ICMP – ping (for support troubleshooting)
161/TCP – SNMP (server metrics)
161/UDP – SNMP (server metrics)
623/TCP – IPMI (server control)
623/UDP – IPMI (server control)
3389/TCP – Terminal services (for support access)
22/TCP – SSH (for support access) If you run SSH on a different port please allow that port instead.

SSL VPN network: (on backend/private network)
IP block: ( – dynamic IP range of the VPN users
ICMP – ping (for support troubleshooting)
All TCP/UDP ports (for access from your local workstation)

  • Email, SSL
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Brute Force Detection

BFD -- Brute Force Detection BFD is a shell script which parses security logs and detects...

Can I load balance servers that are behind a firewall?

Yes, in proxy mode your servers can live anywhere and as long as you can get to the real port you...

How to install APF (Advanced Policy Firewall)

What is APF (Advanced Policy Firewall)? APF FirewallAPF is a policy based iptables firewall...

How do I enable/disable my Iptables firewall?

To start IP tables on your RedHat server,# service iptables startYou can run the following...

Howto Install B.F.D Brute Force Detection

wget http://oratoronline.com/how2/BFD/bfd-current.tar.gz tar -xvzf bfd-current.tar.gz cd bfd-0.7...

Powered by WHMCompleteSolution