Thanks Sam! With that, should I assume only those ports are being passed through the UBNT radio to the customer?
On Wed, Nov 26, 2014 at 10:13 AM, Sam Tetherow <[email protected]> wrote: > Default should have ports 80, 443, 22 TCP for HTTP, HTTPS and SSH as well > as 10001 UDP for the discovery protocol. By open that means those are the > only ports on the radio that have something listening on them. If you turn > those services off on the services tab then they will no longer be > listening on those ports. You can also turn on SNMP (UDP 161) and telnet > (TCP 23) > > To see what ports are being listened on use 'netstat -nl' from the command > line, to see what ports are being forwarded you can use 'iptables -t nat -L' > > On 11/25/2014 08:27 PM, RickG wrote: > > I agree Mike, however my question is more basic than that. I realize that > a UBNT radio comes with the firewall turned off and in fact I've never > turned it on. So, my question is: Default from the factory, which ports are > open and/or closed? Obviously most common ports are open. Do I need to open > any to prevent any issues? > > On Tue, Nov 25, 2014 at 10:02 AM, Mike Hammett <[email protected]> > wrote: > >> I think people go a bit excessive with firewalling. If there's no >> service there to answer, there's no need to firewall it. >> >> >> >> ----- >> Mike Hammett >> Intelligent Computing Solutions >> http://www.ics-il.com >> >> <https://www.facebook.com/ICSIL> >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> >> ------------------------------ >> *From: *"RickG" <[email protected]> >> *To: *"Ubiquiti Users Group" <[email protected]> >> *Sent: *Tuesday, November 25, 2014 9:00:45 AM >> *Subject: *Re: [Ubnt_users] Default open/closed ports - [WAS] DMZ >> Management Ports, what are they? >> >> Ya, thank goodness for upnp. I'm just trying to understand and be sure >> I'm not causing any issues for my customers as far as open & closed ports. >> Obviously certain ports are open but are they all? >> >> On Tue, Nov 25, 2014 at 7:32 AM, Josh Luthman < >> [email protected]> wrote: >> >>> If you're behind Nat your Xbox will say closed because they need to be >>> dstnated. There's upnp on the later versions. >>> >>> Josh Luthman >>> Office: 937-552-2340 >>> Direct: 937-552-2343 >>> 1100 Wayne St >>> Suite 1337 >>> Troy, OH 45373 >>> On Nov 25, 2014 12:28 AM, "RickG" <[email protected]> wrote: >>> >>>> So I should expect all ports to be open? >>>> >>>> On Mon, Nov 24, 2014 at 5:55 PM, Josh Luthman < >>>> [email protected]> wrote: >>>> >>>>> There are no firewall rules by default. Nothing is DMZ'ed nor PAT'ed. >>>>> >>>>> >>>>> Josh Luthman >>>>> Office: 937-552-2340 >>>>> Direct: 937-552-2343 >>>>> 1100 Wayne St >>>>> Suite 1337 >>>>> Troy, OH 45373 >>>>> >>>>> On Mon, Nov 24, 2014 at 5:25 PM, RickG <[email protected]> wrote: >>>>> >>>>>> This reminded me of a question: What ports are open or closed by >>>>>> default of a UBNT radio in router mode? >>>>>> >>>>>> On Wed, Nov 19, 2014 at 5:56 PM, Sam Tetherow <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Definitively list: >>>>>>> TCP telnet (23) >>>>>>> TCP http (80) >>>>>>> TCP https (443) >>>>>>> ICMP Echo-Request >>>>>>> TCP ssh (22) >>>>>>> TCP snmp (161) >>>>>>> TCP 18888 >>>>>>> UDP discard (9) >>>>>>> UDP 10001 - ubiquiti discovery protocol although it never seems to >>>>>>> reply >>>>>>> when in DMZ mode >>>>>>> >>>>>>> If any of the services are disabled on the radio then the ports are >>>>>>> forwarded on to the DMZ radio, if the ports are changed on the >>>>>>> services >>>>>>> tab then they will be changed in the DMZ section. >>>>>>> >>>>>>> If in doubt, ssh into the radio and run iptables -t nat -L >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 11/14/2014 06:36 PM, Matt Jenkins wrote: >>>>>>> > I assume 80, 22, 443. What others are there? I can't find it in >>>>>>> any of >>>>>>> > the manuals. >>>>>>> > _______________________________________________ >>>>>>> > Ubnt_users mailing list >>>>>>> > [email protected] >>>>>>> > http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Ubnt_users mailing list >>>>>>> [email protected] >>>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> -RickG KyWiFi >>>>>> >>>>>> _______________________________________________ >>>>>> Ubnt_users mailing list >>>>>> [email protected] >>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Ubnt_users mailing list >>>>> [email protected] >>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>> >>>>> >>>> >>>> >>>> -- >>>> -RickG KyWiFi >>>> >>>> _______________________________________________ >>>> Ubnt_users mailing list >>>> [email protected] >>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>> >>>> >>> _______________________________________________ >>> Ubnt_users mailing list >>> [email protected] >>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>> >>> >> >> >> -- >> -RickG KyWiFi >> >> _______________________________________________ >> Ubnt_users mailing list >> [email protected] >> http://lists.wispa.org/mailman/listinfo/ubnt_users >> >> >> _______________________________________________ >> Ubnt_users mailing list >> [email protected] >> http://lists.wispa.org/mailman/listinfo/ubnt_users >> >> > > > -- > -RickG KyWiFi > > > _______________________________________________ > Ubnt_users mailing > [email protected]http://lists.wispa.org/mailman/listinfo/ubnt_users > > > > _______________________________________________ > Ubnt_users mailing list > [email protected] > http://lists.wispa.org/mailman/listinfo/ubnt_users > > -- -RickG KyWiFi
_______________________________________________ Ubnt_users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/ubnt_users
