Firewall (Zenitel Connect Pro)
From Zenitel Wiki
Introduction
The firewall allows inbound rules to be set. Rules can be set for each network port individually. An ICX-510 has 2 network ports. Zenitel Connect Pro running on a virtual machine can have 1 or more ports, depending on how many ports have been assigned to the VM.
Rules can be added, edited and deleted.
Firewall rules can be set in the tile Firewall in the System section.
Inbound rules
Inbound rules can be assigned different criteria:
- Protocol:
  - TCP
  - UDP
- Destination port, select any port number from 1 to 65535
- Source address
  - The source address can be left empty; if left empty, there is no filtering based on the IP address of the source
  - The source address can be assigned a subnet address in CIDR notation; example: 192.168.0.0/24 will only allow traffic from IP addresses in the range 192.168.0.1 - 192.168.0.254
  - The source address can be assigned a specific IP address; only traffic originating from that IP address is allowed
- The network port on which the inbound traffic is allowed
Points to consider
Zenitel Link is the protocol through which external applications can integrate with Zenitel Connect Pro. Ideally it should use encryption. For this it needs inbound ports 443 and 8086 to be open, which is the default setting.
While developing the integration it can be an advantage to be able to trace the network traffic with an application like Wireshark. It is then beneficial that the network traffic is not encrypted. This is available by using ports 80 and 8087 (default closed).
Default rules
Protocol | Port | Name | Comment |
TCP | 80 | HTTP | Unsecure web access and log in for Zenitel Link. It is advisable to close this port after initial system setup. |
TCP | 443 | HTTPS | Secure web access and log in for Zenitel Link |
UDP | 5060 | SIP/UDP | |
TCP | 5060 | SIP/TCP | |
TCP | 5061 | SIPS | SIP secure |
TCP | 8086 | WAMP/WSS | Secure data connection for Zenitel Link |
TCP | 8087 | WAMP/WS | Unsecure data connection for Zenitel Link. Default closed |
UDP | 10000:20000 | RTP/RTPS | |
UDP | 123 | NTP | |
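The rule criteria and the advice on ports 80 and 8087 can be checked offline against a copy of the rule set. The following is an added example, not Zenitel code: the dictionary field names, the interface names `eth0`/`eth1` and the sample rules are constructed, and it assumes inbound traffic that matches no rule is dropped.

```python
import ipaddress

# Ports the page identifies as unencrypted Zenitel Link access.
PLAINTEXT_PORTS = {80: "HTTP", 8087: "WAMP/WS"}

def port_matches(spec, port):
    """spec is a single port ("443") or a range in the table's "lo:hi" form."""
    lo, _, hi = str(spec).partition(":")
    return int(lo) <= port <= int(hi or lo)

def source_matches(spec, src_ip):
    """Empty spec = no source filtering; otherwise a CIDR subnet or one address."""
    if not spec:
        return True
    # strict=False also accepts a bare address, treated as a single-host network
    return ipaddress.ip_address(src_ip) in ipaddress.ip_network(spec, strict=False)

def allowed(rules, proto, port, src_ip, iface):
    """True if any inbound rule admits this packet (assumed default: drop)."""
    return any(
        r["proto"] == proto and r["iface"] == iface
        and port_matches(r["port"], port) and source_matches(r["source"], src_ip)
        for r in rules
    )

def audit(rules):
    """List every rule that leaves an unencrypted Zenitel Link port open."""
    findings = []
    for r in rules:
        for p, name in PLAINTEXT_PORTS.items():
            if r["proto"] == "TCP" and port_matches(r["port"], p):
                scope = r["source"] or "any source"
                findings.append(f"{r['iface']}: {name} (TCP/{p}) open to {scope}")
    return findings

# Constructed sample rule set (field and interface names are hypothetical).
RULES = [
    {"proto": "TCP", "port": "443", "source": "", "iface": "eth0"},
    {"proto": "TCP", "port": "80", "source": "", "iface": "eth0"},
    {"proto": "TCP", "port": "8087", "source": "192.168.0.0/24", "iface": "eth1"},
    {"proto": "UDP", "port": "10000:20000", "source": "", "iface": "eth0"},
]

if __name__ == "__main__":
    for line in audit(RULES):
        print(line)
```

Running `audit` after initial setup or after an integration debugging session shows which plaintext ports are still reachable and from which sources.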
Adding, editing and deleting rules
- Add a rule: Click on the icon on the right hand top side of the inbound rules or outbound rules table and edit the new line as appropriate
- Edit a rule: Click on the field you want to edit
- Delete a rule: Select or multi-select the rules to be deleted; click on the icon on the right hand top side of the inbound rules table.
Firewall settings