3. Which Port Numbers to open from LAN to WAN?

Which Port Numbers to open from LAN to WAN?

  • U

    My local network has three zones DMZ, LAN,WIFI

    The network from and to the DMZ is very much restricted to the services that are required by the server in that area
    The WIFI can only go to the WAN port but can do more or less whatever god has forbidden
    The LAN consist of several local servers that can only connect to the outside world for the services needed, but there are several PC's in the LAN that want to be able to access the internet for webbrowsing etc.

    In principle I do not want to allow any traffic from these PC's to the internet, but it looks like that I've somehow set the ports that allow communication to the outside world to strict. Could somebody give me advice which ports to really open or what a good strategy is? a link to a proper article is of course also highly appriciated.

    « edit by Gruensfroeschli for readibility »

    0
  • J

    You need 80,443,53 for HTTP

    jigp
    pfSense 1.2.x Davao City

    0

  • The ports you need to open depends on what you mean by "etc" ;)

    I'd suggest you start by leaving it fully locked down and install Squid to control the web browsing.  Then identify the "etc" part and open ports accordingly.

    0
  • J

    Havoc: I have 80,443,53 and ftp. 4 ports. Why is it that i could do VPN+RemoteDesktop and ETC Virtually.. Any idea how to get rid of this? Thanks

    jigp
    Davao City pfsense 1.2.2

    0

  • What kind of VPN - OpenVPN, IPsec or PPTP?  Remember that rules apply separately to each interface, that IPsec and PPTP are separate logical interfaces and needs their own rules and that the OpenVPN interface can't be filtered in 1.2.2.

    0
  • J

    "What kind of VPN - OpenVPN, IPsec or PPTP?  Remember that rules apply separately to each interface, that IPsec and PPTP are separate logical interfaces and needs their own rules and that the OpenVPN interface can't be filtered in 1.2.2."

    Does it work on 1.2.3RC2? 2.0 is tempting but im still exploring it there..Also Havok, Im not sure with the ports to open though…443,80,53 is okay right?

    jigp
    Davao City

    0

  • I'm not sure about 1.2.3 onwards - you'll have to try searching the forum for the latest information.

    Those ports are "ok" if those are the only ports you require.  Only you can know the answer to that.

    0
  • J

    Thank you Havok :)

    Good morning :)

    jigp
    1.2.x

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy