Setting up TCP/IP filtering

From NEOSYS Technical Support Wiki
Revision as of 07:10, 20 December 2006 by Ashwin (talk | contribs)
Jump to navigationJump to search

Tcp/ip filtering is a simple but effective firewall but cannot distinguish between incoming and outgoing traffic or do port forwarding.

All dedicated Neosys client servers which are installed in future will have TCP/IP filtering enabled and we will drop installation of anti-virus programs. However it the client has a workgroup anti-virus installation than it can be installed in addition to TCP/IP filtering.

The following ports need to be opened when TCP/IP filtering is enabled:

  • 80/8123 web
  • 443/4430 secure web
  • 22/19580 ssh
  • 25/2500 smtp
  • 5500/55000 vnc reverse connection

and optionally

  • 3389/33890 rdc
  • 5900/59000 vnc


On our own NEOSYS server, some standard ports which need to be opened:

  • 21 standard ftp
  • 80 standard http
  • 443 standard https
  • 3389 standard remote desktop connection

NEOSYS non-standard ports

  • 2500 neosys smtp
  • 4430 neosys https port
  • 55000 neosys ultravnc reverse connection
  • 19580 neosys ssh port
  • 8000 neosys wiki

TCP/IP properties, advanced, options

Tcpipfiltering1.png

Retrieved from "https://techwiki.neosys.com/index.php?title=Setting_up_TCP/IP_filtering&oldid=155"