Setting up TCP/IP filtering: Difference between revisions

From NEOSYS Technical Support Wiki
Jump to navigationJump to search
No edit summary
No edit summary
 
(9 intermediate revisions by 4 users not shown)
Line 1: Line 1:
Tcp/ip filtering is a simple but effective firewall but cannot distinguish between incoming and outgoing traffic or do port forwarding.
Before setting up TCP/IP filtering, configure the network connection to only Internet Protocol Version 4 (TCP/IPv4).


Some standard ports
TCP/IP filtering is a feature available only in Windows 2003 and is not present in Windows 2008 - for which you will have to use [[Setting up Windows Firewall]]


*21 standard ftp
TCP/IP filtering is a simple but effective firewall but only blocks incoming ports and not outgoing ports. All dedicated Neosys client servers need to have TCP/IP filtering enabled and we will drop installation of anti-virus programs. However it the client has a workgroup anti-virus installation than it can be installed in addition to TCP/IP filtering.
*80 standard http
*443 standard https
*3389 standard remote desktop connection


NEOSYS non-standard ports
Note:
#Reboot is necessary for changes to be effective.
#Don't do changes either a) while critical users are working or b) you cannot get to power cycle the server. Changing filtering sometimes causes network failure requiring manual intervention.


*2500 neosys smtp
The following ports need to be opened when TCP/IP filtering is enabled for client servers:
*4430 neosys https port
 
*55000 neosys ultravnc reverse connection
*80
*19580 neosys ssh port
*443
*8000 neosys wiki
*2500
*3389
*4430
*19580
*55000
*55001
*55002


TCP/IP properties, advanced, options
TCP/IP properties, advanced, options


[[Image:tcpipfiltering1.png]]
[[Image:tcpipfiltering1.png]]

Latest revision as of 08:44, 28 February 2013

Before setting up TCP/IP filtering, configure the network connection to only Internet Protocol Version 4 (TCP/IPv4).

TCP/IP filtering is a feature available only in Windows 2003 and is not present in Windows 2008 - for which you will have to use Setting up Windows Firewall

TCP/IP filtering is a simple but effective firewall but only blocks incoming ports and not outgoing ports. All dedicated Neosys client servers need to have TCP/IP filtering enabled and we will drop installation of anti-virus programs. However it the client has a workgroup anti-virus installation than it can be installed in addition to TCP/IP filtering.

Note:

  1. Reboot is necessary for changes to be effective.
  2. Don't do changes either a) while critical users are working or b) you cannot get to power cycle the server. Changing filtering sometimes causes network failure requiring manual intervention.

The following ports need to be opened when TCP/IP filtering is enabled for client servers:

  • 80
  • 443
  • 2500
  • 3389
  • 4430
  • 19580
  • 55000
  • 55001
  • 55002

TCP/IP properties, advanced, options

Tcpipfiltering1.png

Retrieved from "https://techwiki.neosys.com/index.php?title=Setting_up_TCP/IP_filtering&oldid=1225"