Thanks to you all for your responses.
This is what I plan on requesting for the customer firewall:
- SIP ALG’s will be turned off
- I assume that all ESTABLISHED and RELATED traffic will be passed
- I will open up udp 16384:16639 which is my RTP port range
- I will open up my non standard SSH port
- I will open up 1194 for Open VPN
Yes it quite interesting about opening up 5060. I have never opened it up on
any of my production systems as I just assumed it already was but this does not
appear to be so. (thanks David for the iptables command)
I am assuming that it is ultimately picked up by the default ‘ACCEPT udp —
0.0.0.0/0 0.0.0.0/0 state RELATED udp dpts:1024:65535’ INPUT Chain.
In other words if you are not registering or sending SIP OPTIONS on a regular
basis (what is the expiry time for the firewall translations?) then you would
not be able to receive calls. Does this sound reasonable?
Regards
Michael Knill
On 24 Nov 2015, at 4:53 pm, Michael Knill
<michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>>
wrote:
Hi group
I have a customer that will be giving me a public IP e.g. no NAT but wants me
to narrow down my port range to the External interface of the Astlinux box.
What ports do I need to have open? How can I view the open ports on a
production box to see what is open?
Thanks so much.
Regards
Michael Knill
------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551&iu=/4140_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551&iu=/4140
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
