Firewall, port options, blah blah blah

Similar Messages

• DNS for internal network and Firewall ports?

  Hello,
  I don't know were to begin, so I guess I'll start with my setup.
  I have Mac OS X server 10.5.7 running DNS, Firewall, Mail, iChat, RADIUS, VPN, SMB. Behind an Airport Base Station in DMZ.
  My DSN setup is just for the server and local clients. I'm also setup to forward my ISP DNS.
  My question is do I need to open any ports in the firewall. I currently have my local subnet 172.16.4.x to allow all. The "Any" subnet to allow DNS outbound. Is this correct or am I creating a security risk?
  I dont want the public to be able to use my DNS server. (I would like to ONLY allow my local network, and VPN users.)
  Thanks!
  Message was edited by: Robert LaRocca

  I always recommend going with a hardware device (including the base station) over IPFW when running a server.
  The main reason is that when you're running behind a NAT device (such as the AirPort Base Station), ALL incoming traffic is blocked unless you specifically enabled it via port forwarding. A positive security model.
  In contrast, Mac OS X Server will open firewall ports based on the services you're running, without regard to whether that service should be publicly accessible or not.
  You then have to go through the motions of securing each service to either block external traffic at the service level (e.g. by telling the application what addresses it can listen to), or at the network level (by configuring the firewall to block external access). This is a bad security model since each service is public by default and you have to go out of your way to secure it.
  Also bear in mind that you might not think this is a problem today since you can just configure IPFW and be done, but what about next week? or next month? or next year when you add another service. Will you remember to reconfigure the firewall to secure it then?

• ATV not shown in devices list and firewall port 3689

  Having a nightmare with ATV. I have searched and found some help for some of the ATV problems I have had in other threads but seems that a couple of issues remain unsolved for most people.
  I have just purchased an ATV updated it to latest software; at first had the Samsung TV HDMI problem which can be solved by telling the TV that the connection is a PC (seems to alter settings for that HDMI port on Samsung TVs).
  All was well for 30 mins (kids got stuck in and started watching a film that was on my itunes library) then ATV lost connection to itunes media (still had network and internet for movie trailers). Tried various things reset ATV and quit itunes etc and got the firewall port 3689 error message in itunes.
  Tried a variety of stuff to fix the 3689 issue including: fixing permissions on imac HD; re-installing itunes, adding port forwarding to my BT homehub, telling itunes to share my library, adding firewall rule in OSX for itunes. Then reset and tried again, this time it worked for several hours started to sync etc. Then paused ATV in middle of film and imac went into sleep mode....after this ATV stopped seeing itunes media and imac went into circle of death.
  Since reboot of imac and reset of ATV nothing works; can't see ATV in itunes at all, tried all the normal reboot type stuff.
  Starting to get frustrated ATV seems flakey expected this to be normal apple experience but so far I feel like I do at work in Microsoft **** where nothing makes sense and I'm rebooting all the time ...any ideas ...BT homehub is suspect but seems odd that it worked for hours then stopped !!

  OK - rebooted BThomehub and forced ATV off network and back on and now itunes can see ATV and is syncing again.
  The common failure on both previous occasions was pausing a film for few minutes and imac going into sleep mode on second time.
  Anyone seen this before ... ?

• Apple TV Not Syncing - Error Suggesting Firewall Port 3869 Issue

  I am suddenly having issues syncing my PC iTunes library with my Apple TV. iTunes is giving a message stating that the Apple TV is not responding and that I should confirm that my firewall port 3869 is open. I turned off the firewall for a few moments to see if the issue would be resolved and it is not.
  iTunes can see the Apple TV, can see what media is installed on the device but cannot sync to it. Any suggestions??

  A few people have reported that deleting the iTunes application and re-installing it can resolve this problem. Also make sure you have the latest version of Bonjour installed on your PC.

• WebEx Named Host and Port Options

  Hello,
  Whats he diffrence between WEBEX NAMED HOST and WEBEX PORT OPTION. And do they requrie any hardware to function with?
  a documetation with explanations will help more.
  Regards,
  Peter.

  Named Host is where you specify which users can host a meeting. Those people are the only ones who can schedule/create meetings but they can transfer the host role to another person after the meeting has started. Ports on the other hand only limit the total meeting participants across all hosts (the host also consumes a port). You can create as many hosts as you need but total attendance at any one time cannot exceed your ports. There are also per-minute options and active host options where only an unnamed percentage of the organization is assumed to be a host and you true-up if real usage exceeds that percentage.
  It's probably best to speak with a Cisco or WebEx AM over the options. Different usage styles lend themselves to different licensing options. Here's a data sheet though:
  http://www.cisco.com/en/US/prod/collateral/ps10352/ps10362/ps10409/cisco_webex_meeting_center_on_the_gpl_and_wpl.pdf
  Please remember to rate helpful responses and identify helpful or correct answers.

• What are policy firewall port should be permit between meetingplace web external and internal

  I deploy MeetingPlace Web Conferencing with SMA.
  1. What are policy firewall port should be permit between meetingplace web external and internal (web external on DMZ zone and web internal on internal zone)?
  2. Synchronized Globally Unique Identifiers (GUIDs) between internal and external Web Servers used firewall port?

  Hi,
  List of Firewall pots to be opened are mentioned in following document, you can refer your deployment type and open ports as mentioned.
  http://docwiki.cisco.com/wiki/Cisco_Unified_MeetingPlace_Release_8.5_--_System_Requirements_for_Audio-Only_Deployments
  http://docwiki.cisco.com/wiki/Cisco_Unified_MeetingPlace_Release_8.5_--_System_Requirements_for_WebEx-Scheduling_Deployments
  http://docwiki.cisco.com/wiki/Cisco_Unified_MeetingPlace_Release_8.5_--_System_Requirements_for_MeetingPlace-Scheduling_Deployments
  Regards
  Ronak patel

• Firewall Ports for Web Services

  Hi Experts,
  Can you please list what are the firewall ports to be opened to call a ECC 6.0 system web service from a .Net application, assuming both systems are separated by a firewall
  Thanks in advance
  Regards,
  Krishna

  Hello ,
  Please as far as i know you have to open 4 ports in the ecc system.
  They are
  Message server port =  36<instance number>
  ITS = 80<Instance number>
  Gateway = 33<instance number> -- make sure service entries are maintained (sapgw)
  If you maintain Central SLD - then the specific port needs to be opened. - 5(instance number)00.
  I hope these ports needs to be opened and this is enough,  I believe.
  Vijay.

• Firewall Port Site Definition Globally Changing

  We are using Dreamwaver MX 2004 Educational Edition.
  We have several Managed Sites configured for secure FTP on
  firewall port 21. We have added a new site but it uses port 1021.
  When we configured that site we were able to connect with no
  probelm. The issue is we discoverd that for our existing defined
  Manage Sites the firewall port automatically changed to 1021. When
  we reset the port back to 21, all the other defined Managed sites
  changed to port 21, inculding the ones defned for port 1021. We
  tested this out on two different machines and the results were the
  same.
  Is this that way it is, or a know issue, a "feature"?
  Thanks for any information.

  Hello Preston Holder. Welcome to the Apple Discussions!
  As you are already aware RDC clients listen on port 3389 by default.
  To change the listening port will require making a Registry mod. This would be typically used if you needed to access more than one computer remotely. (ref: Microsoft Knowledge Base article 306759)
  Locate the appropriate Registry key using Regedit.exe:
  HKEYLOCALMACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\Port Number
  From the Edit menu, click Modify and then click Decimal. Choose a new port number. In general, choosing a number between 49152 and 65535 will avoid conflict with any other apps on your system, but you could theoretically use any port on the system. Once you set the port number you also need to configure your router to pass the specified port to your computer.
  To access your computer remotely, instead of typing just the IP address, you need to type the IP address followed by the port number like this: 192.168.1.1:50001

• Firewall ports for B2B ( Telepresence with CUBE)

  Could any body let me know what firewall port need to be open for B2B set up telepresence with CUBE on SIP trunk.
  Please suggest
  Regards
  Gautrav

  Hi Harold,
  Please check the link for all SAP port related information
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/4e515a43-0e01-0010-2da1-9bcc452c280b?QuickLink=index&…
  Thanks and regards,
  Nikhil

• Firewall ports for Zone Sharing and Subscription?

  Hi again!
  What firewall ports need to be open for Zone Sharing and Subscription?...

  Hello,
  we updated from 11.3.1 to 11.3.2
  Now i can not run the command chkconfig -a novell-proxydhcp to set the proxydhcp to autorun because i get...

• Firewall Port for DHCP 2012 R2 Failover (Load Sharing mode)

  Hi Everyone,
  I was wondering if anyone can help me with finding a document for required Firewall Ports for DHCP 2012 R2 Failover (Load Sharing mode)
  or just confirm if this is correct or not ?
  TCP 647 for
  DHCP failover messages between DHCP servers
  TCP/UDP 67 and 68 initiate communication between the client and server
  I am not sure if there is anything else
  thanks in advance
  Reza Negarestani

  it was for a technical design document and I put this table for Firewall requirements what do you think ?
  Direction
  Port(s)
  Bidirectional
  TCP 647
  Bidirectional
  TCP 2535
  UDP 2535
  Bidirectional
  TCP 67
  TCP 68
  UDP 67
  UDP 68
  Reza Negarestani

• Adobe Flash Update Firewall Port

  I have a windows 7 computer with the firewall set to block both inbound and outbound traffic.  What program and firewall port(s) do I need to allow outbound traffic for the Flash auto update to work?

  when you download something from the Internet something can go wrong with the data
  so likely the install packet for flash is corrupt because of something along those lines
  to offer a faster Internet service your ISP (internet service provider) keep a cache or local copy of downloaded data so should another user
  request the same data all the 1's and 0's need not travel across the internet once more which take more time
  the problem is that the cache has no idea that the data got corrupted so until the ISP's cache is cleared over time you may get the same corrupted data should you try to redownload the data
  otherwise there is something wrong with adobes site

• Apple TV not responding, check firewall port 3689

  Hi,
  I have this problem: "Apple TV not responding" with my PC wired to the router (Thomson Speedtouch 780i WL). I have read all the topics on this issue and tried everything: no success! With my XP laptop I can make a wireless connection and everything works fine. But not with the PC where I have all my music and photo archives on.
  Now I have a clean installed Vista and the problem remains the same. How is this possible?
  - the firewall port 3689 is open
  - i have rebooted everyting
  - i have made a new connection with the apple tv
  - apple tv software is updated
  I want to get this thing working. Could you please help me?
  Thanks, Sliek.

  The problem is not with the router nor the firewall. And with you having the issue on a PC and I having it on a Mac, this rules out the OS. That leaves a networking problem in either iTunes or the AppleTV. Or most likely a dropped packet of information between the two.
  Using NetBarrier I have watched the interaction between my Mac and the AppleTV. The sync occurs in three separate phases. The first phase initiates communications via port 3689 and a few high order ports (49xxx - 6xxxx). After this is finished about a dozen ports are opened by the AppleTV (all high order) for a couple of minutes. When these ports close and after a substantial wait, the AppleTV opens a whole s**t-load of ports (well over 200) and the actual sync occurs. It is this third phase that fails when I fail the sync. Or iTunes gets stuck waiting for a response from the AppleTV. I think that the AppleTV is dropping the ball and failing to respond properly.

• Cisco Clean Access Update Website and Firewall Port Required

  Hi,
  I was wondering if anyone may know the website the clean access manager would be using to upate as well as the firewall port required. This is due to a firewall in place. Based on some reading, not sure if it uses other website besides the following http://www.perfigo.com/clean_machine_1/version-se.txt on port 80.
  Thanks.

  Hi,
  For CAM checks and rules update, that's the only site required.
  HTH,
  Faisal
  If you find this post helpful, please rate so others can find the answer easily

• Terminal Services licensing firewall ports

  I have been searching the internet for an informative network\firewall drawing for the Terminal Services Licensing traffic when it comes to firewall ports requirements etc 
  Does someone have a detailed description or a (visio) drawing showing the ports required for WTS Licensing?
  We have the following Citrix based Terminal Server environment:
  - Windows 2008 R2 running XenApp6
  - Clients come from internal (LAN) and external connections (Citrix Access Gateway)
  - There is a firewall between the Citrix XenApp WTS farm and the MS Terminal Services Licensing server (Win 2008 R2)
  Can someone explain how the TSCAL\RDCAL "traffic" flows and the ports required from A-Z ?
  /Tord Bergset

  I believe the correct random ports used for for Windows Server 2008 are 49152-65535, not 1024-65535
  I am looking for a visio or something showing this...
  For Citrix solutions one have no problem finding network drawing showing firewall ports etc, but fro MS WTS licensing I jsut cannot find anything showing ports required etc
  Lot of designd docs\drawings regarding RDP traffic etc, but not anything for the RDCAL\TSCAL licensing traffic
  Scenario below:
  Need all WTS Licensing ports listed for the solution to work for external and internal clients
  External clients   using 2 factor auth
  Firewall
  Citrix Web Interface
  Server
  Firewall
  Citrix Licensing server
  Firewall
  Citrix WTS
  Farm
  Internal Clients
  Citrix Secure Gatway
  MS Terminal server Licensing server
  /Tord Bergset