Configuring Firewall Allowed Rules - AudioCodes Mediant 4000 SBC User Manual

Session border controller

Hide thumbs Also See for Mediant 4000 SBC:

Table of Contents

Configuring Firewall Allowed Rules

If you want to configure firewall rules (see 'Configuring Firewall Rules' on page 165) that

block specific network traffic, you must first configure firewall rules that allow traffic

needed in your deployment. Therefore, in addition to allowing basic traffic (such as OAMP,

SIP signalling, and media), you must also allow HA maintenance traffic between the Active

and Redundant devices:

Please configure firewall rules 10 through 21, as shown below, where 10.31.4.61 is the IP

address of the Maintenance interface ("HA_IF") of the Redundant device and 10.31.4.62

the IP address of the Maintenance interface ("HA_IF") of the Active device.

Various rules for basic traffic.

User's Manual

UDP ports 669, 670 and 680 (HA synchronization and keep alive)

TCP ports 2442 and 80 (HA control and data)

Allowed Firewall Rules for HA

End Port Protocol

The index numbers in the table above may change according to your specific

allow and block rules.

The last rule (Index 22) is an example of a blocking traffic rule (blocks all other

Configure the firewall on the Active device. This configuration is automatically

applied to the Redundant device.

If you have an external firewall located between the Active and the Redundant HA

Maintenance interfaces, you must open (allow) the same port ranges as

configured in the table above, on that external firewall.

Mediant 4000 SBC

Document #: LTRT-40203

Mediant 4000b sbc