Difference between revisions of "Ports which should be opened"
From Kolmisoft Wiki
Jump to navigationJump to search
Line 12: | Line 12: | ||
* TCP/UDP 1720 - for H.323 Protocol | * TCP/UDP 1720 - for H.323 Protocol | ||
* TCP/UDP 5038 - for Asterisk manager interface | * TCP/UDP 5038 - for Asterisk manager interface | ||
* TCP/UDP 5948 - for | * TCP/UDP 5948 - for Zabbix monitoring | ||
* UDP 4000 - 4999 for T.38 support | * UDP 4000 - 4999 for T.38 support | ||
* TCP/UDP 443 - For | * TCP/UDP 443 - For HTTPS (if used) | ||
You can test which TCP ports are opened using nmap tool: | You can test which TCP ports are opened using nmap tool: | ||
Revision as of 09:54, 28 August 2014
For server some ports should be opened or forwarded to MOR server:
- TCP 80 - for GUI/HTTP
- TCP 22 - for SSH connection
- TCP 25/465 - for SMTP / SMTP over SSL (TLS)
- UDP 694 - for Heartbeat.
- TCP 3306 - for MySQL replication
- TCP 3690 - for SVN connections
- UDP 4569 - for IAX2 connection
- UDP 5060 to 5070, 10000-20000 - for SIP connection
- TCP/UDP 123 - Network Time Protocol
- TCP/UDP 1720 - for H.323 Protocol
- TCP/UDP 5038 - for Asterisk manager interface
- TCP/UDP 5948 - for Zabbix monitoring
- UDP 4000 - 4999 for T.38 support
- TCP/UDP 443 - For HTTPS (if used)
You can test which TCP ports are opened using nmap tool:
nmap -vv -P0 your MOR server's IP address
iptables config
For Asterisk server:
iptables -A INPUT -p tcp --dport ssh -j ACCEPT iptables -A INPUT -p tcp --dport 5038 -j ACCEPT iptables -A INPUT -p udp --dport 5038 -j ACCEPT iptables -A INPUT -p udp --dport 4569 -j ACCEPT iptables -A INPUT -p udp --dport 1720 -j ACCEPT iptables -A INPUT -p udp --dport 5060:5070 -j ACCEPT iptables -A INPUT -p udp --dport 10000:20000 -j ACCEPT iptables -A INPUT -p udp --dport 4000:4999 -j ACCEPT iptables -A INPUT -j DROP