Gents, I appreciate your feedback. Josh, I think you just hit it on the head: I'm not dstnat anything on my CPE, shoudl I be? I just leave them at factory default other than put it in router mode and add appropriate IP addys.
On Tue, Nov 25, 2014 at 10:37 AM, Josh Luthman <[email protected]> wrote: > An open port is when something can create a TCP connection (UDP is there, > too, but for simplicity sake keep it TCP). If you have a public 1.1.1.1 on > an Airrouter and the customer is NATed at 192.168.1.100 by default the only > open ports would be to the router - 80 and 22. Now if you dstnat 3209 to > the Xbox and the Xbox is listening, you then have an open port. If the > Xbox is off, the outside will see it as a closed port. > > > Josh Luthman > Office: 937-552-2340 > Direct: 937-552-2343 > 1100 Wayne St > Suite 1337 > Troy, OH 45373 > > On Tue, Nov 25, 2014 at 10:02 AM, Mike Hammett <[email protected]> > wrote: > >> I think people go a bit excessive with firewalling. If there's no service >> there to answer, there's no need to firewall it. >> >> >> >> ----- >> Mike Hammett >> Intelligent Computing Solutions >> http://www.ics-il.com >> >> <https://www.facebook.com/ICSIL> >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> >> ------------------------------ >> *From: *"RickG" <[email protected]> >> *To: *"Ubiquiti Users Group" <[email protected]> >> *Sent: *Tuesday, November 25, 2014 9:00:45 AM >> *Subject: *Re: [Ubnt_users] Default open/closed ports - [WAS] DMZ >> Management Ports, what are they? >> >> >> Ya, thank goodness for upnp. I'm just trying to understand and be sure >> I'm not causing any issues for my customers as far as open & closed ports. >> Obviously certain ports are open but are they all? >> >> On Tue, Nov 25, 2014 at 7:32 AM, Josh Luthman < >> [email protected]> wrote: >> >>> If you're behind Nat your Xbox will say closed because they need to be >>> dstnated. There's upnp on the later versions. >>> >>> Josh Luthman >>> Office: 937-552-2340 >>> Direct: 937-552-2343 >>> 1100 Wayne St >>> Suite 1337 >>> Troy, OH 45373 >>> On Nov 25, 2014 12:28 AM, "RickG" <[email protected]> wrote: >>> >>>> So I should expect all ports to be open? >>>> >>>> On Mon, Nov 24, 2014 at 5:55 PM, Josh Luthman < >>>> [email protected]> wrote: >>>> >>>>> There are no firewall rules by default. Nothing is DMZ'ed nor PAT'ed. >>>>> >>>>> >>>>> Josh Luthman >>>>> Office: 937-552-2340 >>>>> Direct: 937-552-2343 >>>>> 1100 Wayne St >>>>> Suite 1337 >>>>> Troy, OH 45373 >>>>> >>>>> On Mon, Nov 24, 2014 at 5:25 PM, RickG <[email protected]> wrote: >>>>> >>>>>> This reminded me of a question: What ports are open or closed by >>>>>> default of a UBNT radio in router mode? >>>>>> >>>>>> On Wed, Nov 19, 2014 at 5:56 PM, Sam Tetherow <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Definitively list: >>>>>>> TCP telnet (23) >>>>>>> TCP http (80) >>>>>>> TCP https (443) >>>>>>> ICMP Echo-Request >>>>>>> TCP ssh (22) >>>>>>> TCP snmp (161) >>>>>>> TCP 18888 >>>>>>> UDP discard (9) >>>>>>> UDP 10001 - ubiquiti discovery protocol although it never seems to >>>>>>> reply >>>>>>> when in DMZ mode >>>>>>> >>>>>>> If any of the services are disabled on the radio then the ports are >>>>>>> forwarded on to the DMZ radio, if the ports are changed on the >>>>>>> services >>>>>>> tab then they will be changed in the DMZ section. >>>>>>> >>>>>>> If in doubt, ssh into the radio and run iptables -t nat -L >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 11/14/2014 06:36 PM, Matt Jenkins wrote: >>>>>>> > I assume 80, 22, 443. What others are there? I can't find it in >>>>>>> any of >>>>>>> > the manuals. >>>>>>> > _______________________________________________ >>>>>>> > Ubnt_users mailing list >>>>>>> > [email protected] >>>>>>> > http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Ubnt_users mailing list >>>>>>> [email protected] >>>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> -RickG KyWiFi >>>>>> >>>>>> _______________________________________________ >>>>>> Ubnt_users mailing list >>>>>> [email protected] >>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Ubnt_users mailing list >>>>> [email protected] >>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>> >>>>> >>>> >>>> >>>> -- >>>> -RickG KyWiFi >>>> >>>> _______________________________________________ >>>> Ubnt_users mailing list >>>> [email protected] >>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>> >>>> >>> _______________________________________________ >>> Ubnt_users mailing list >>> [email protected] >>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>> >>> >> >> >> -- >> -RickG KyWiFi >> >> _______________________________________________ >> Ubnt_users mailing list >> [email protected] >> http://lists.wispa.org/mailman/listinfo/ubnt_users >> >> >> _______________________________________________ >> Ubnt_users mailing list >> [email protected] >> http://lists.wispa.org/mailman/listinfo/ubnt_users >> >> > > _______________________________________________ > Ubnt_users mailing list > [email protected] > http://lists.wispa.org/mailman/listinfo/ubnt_users > > -- -RickG KyWiFi
_______________________________________________ Ubnt_users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/ubnt_users
