Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Teleworker - Router / Firewall settings
- Thread starter Jampet
- Start date
TCP 22 (SSH)
MBG Server Internet
AMC communications. Allow outbound packets (and replies) on TCP port 22 between the MBG Server and the Internet to enable server registration, software and license key downloads, alerts and reporting.
UDP 53 (DNS)
MBG Server Internet
Domain Name System. The server requires DNS to look up the IP address of the Mitel AMC. Alternatively, the server can be configured to forward all DNS requests to another DNS server. See the MSL Installation and Administration Guide for details.
TCP 443 (HTTPS)
MBG Server Internet
Remote Server Management. (Optional) Allow inbound and outbound packets on TCP port 443 between the MBG Server and the Internet to allow remote management of the MBG server, if required. HTTPS access to allow remote management of the MBG server must be also be explicitly enabled from the server manager interface.
TCP 6800, 6801 and 6802
MBG Server LAN
MBG Server ICP(s)
MBG Server Internet
MiNet Call Control. Allow incoming and outgoing packets for TCP ports 6801 (MiNet-SSL) and 6802 (MiNet-Secure V1) between the MBG server and the Internet. Allow incoming and outgoing packets for TCP ports 6800 (unencrypted MiNet), 6801 and 6802 between the MBG server and the LAN and the MBG server and the ICP(s). The LAN rule can be omitted if there are no IP sets on the LAN, but ensure that the ICP(s) can communicate with the server’s public address.
UDP 20,000 to configured upper bound* (SRTP)
MBG Server Internet
MBG Server LAN
Voice Communications. Allow incoming SRTP on UDP ports 20000 – configured upper bound* from all streaming devices on the LAN and the Internet. Configuration errors here are a common cause of one-way audio problems.
UDP 1024 to 65,535 (RTP)
MBG Server LAN
MBG Server Internet
Voice Communications. Allow outgoing SRTP on UDP ports greater than, or equal to 1024 from the server to all streaming devices on the LAN and the Internet. Configuration errors here are a common cause of one-way audio problems.
TCP 6809
MAS Server MBG server
MAS remote management of Teleworker. This port allows a MAS server admin to remotely manage the Teleworker service in the DMZ. The MAS server manager panel indicates Remote Teleworker Solution. Teleworker Clustering must be enabled on the MAS server and MBG server.
* Configured upper bound for SRTP on UDP ports is controlled by a setting in the Teleworker Solution Advanced panel. You must reserve four ports per set that you wish to support. Thus, to support 1000 sets, 4000 ports are required, from 20000 to 24000, and those ports must be open in the firewall configuration of any firewall that the Teleworker server is installed behind.
22
MBG Server Internet
AMC communications. Allow outbound packets (and replies) on TCP port 22 between the MBG Server and the Internet to enable server registration, software and license key downloads, alerts and reporting.
UDP 53 (DNS)
MBG Server Internet
Domain Name System. The server requires DNS to look up the IP address of the Mitel AMC. Alternatively, the server can be configured to forward all DNS requests to another DNS server. See the MSL Installation and Administration Guide for details.
TCP 443 (HTTPS)
MBG Server Internet
Remote Server Management. (Optional) Allow inbound and outbound packets on TCP port 443 between the MBG Server and the Internet to allow remote management of the MBG server, if required. HTTPS access to allow remote management of the MBG server must be also be explicitly enabled from the server manager interface.
TCP 6800, 6801 and 6802
MBG Server LAN
MBG Server ICP(s)
MBG Server Internet
MiNet Call Control. Allow incoming and outgoing packets for TCP ports 6801 (MiNet-SSL) and 6802 (MiNet-Secure V1) between the MBG server and the Internet. Allow incoming and outgoing packets for TCP ports 6800 (unencrypted MiNet), 6801 and 6802 between the MBG server and the LAN and the MBG server and the ICP(s). The LAN rule can be omitted if there are no IP sets on the LAN, but ensure that the ICP(s) can communicate with the server’s public address.
UDP 20,000 to configured upper bound* (SRTP)
MBG Server Internet
MBG Server LAN
Voice Communications. Allow incoming SRTP on UDP ports 20000 – configured upper bound* from all streaming devices on the LAN and the Internet. Configuration errors here are a common cause of one-way audio problems.
UDP 1024 to 65,535 (RTP)
MBG Server LAN
MBG Server Internet
Voice Communications. Allow outgoing SRTP on UDP ports greater than, or equal to 1024 from the server to all streaming devices on the LAN and the Internet. Configuration errors here are a common cause of one-way audio problems.
TCP 6809
MAS Server MBG server
MAS remote management of Teleworker. This port allows a MAS server admin to remotely manage the Teleworker service in the DMZ. The MAS server manager panel indicates Remote Teleworker Solution. Teleworker Clustering must be enabled on the MAS server and MBG server.
* Configured upper bound for SRTP on UDP ports is controlled by a setting in the Teleworker Solution Advanced panel. You must reserve four ports per set that you wish to support. Thus, to support 1000 sets, 4000 ports are required, from 20000 to 24000, and those ports must be open in the firewall configuration of any firewall that the Teleworker server is installed behind.
22
- Status
Similar threads
- Locked
- Question