This is an example network diagram for deploying the Filetransfer Appliance.
To configure the firewall, you need the following rules:

| rule | source | destination | port | description |
|---|---|---|---|---|
| http(s) | any | 10.0.2.10 | 80 & 443 | HTTP and HTTPS are allowed from anywhere |
| DNS | 10.0.2.10 | DNS server | 53 (UDP) | The appliance needs DNS |
| email | 10.0.2.10 | any / email server | 25 | The appliance needs to send emails, either via an email server or directly to the Internet |
| updates | 10.0.2.10 | any | 80 & 443 | The appliance downloads updates over HTTP and HTTPS |
| admin | 10.0.1.0/24 | 10.0.2.10 | 22 | Use specific management IPs if you can for SSH access to the appliance |
| LDAP | 10.0.2.10 | LDAP server | 389/636 | If LDAP authentication is enabled, the appliance needs connections to the LDAP server |
| NTP | 10.0.2.10 | any / NTP server | 123 (UDP) | Needed if NTP time synchronisation is enabled; if NTP pool authentication is enabled, the destination needs to be any |

In this example you will also need to configure the firewall for address translation, translating a public address to the private 10.0.2.10 address. You will also almost certainly need to configure DNS so that a published DNS name points to the public IP address of the Filetransfer appliance.
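
The rule table and the address translation above, written as an nftables ruleset. This is an added example, not configuration shipped with the appliance. It assumes the firewall is a Linux host running nftables; the WAN interface name, the public address and the DNS and LDAP server addresses are placeholders.

```nftables
#!/usr/sbin/nft -f
# Added example. Assumed placeholders (not from the page):
# WAN_IF, PUBLIC_IP, DNS_SERVER, LDAP_SERVER.
define APPLIANCE   = 10.0.2.10
define MGMT_NET    = 10.0.1.0/24
define WAN_IF      = "eth0"
define PUBLIC_IP   = 203.0.113.10
define DNS_SERVER  = 10.0.1.53
define LDAP_SERVER = 10.0.1.20

table ip filetransfer {
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;
        # Public address -> private appliance address, web ports only
        ip daddr $PUBLIC_IP tcp dport { 80, 443 } dnat to $APPLIANCE
    }
    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        # Outbound appliance traffic leaves with the public address
        oifname $WAN_IF ip saddr $APPLIANCE snat to $PUBLIC_IP
    }
    chain forward {
        type filter hook forward priority filter; policy accept;
        ct state established,related accept
        # http(s): from anywhere to the appliance (seen after DNAT)
        ip daddr $APPLIANCE tcp dport { 80, 443 } accept
        # DNS: appliance to the DNS server
        ip saddr $APPLIANCE ip daddr $DNS_SERVER udp dport 53 accept
        # email: add "ip daddr <email server>" when relaying via one server
        ip saddr $APPLIANCE tcp dport 25 accept
        # updates: appliance to any over http and https
        ip saddr $APPLIANCE tcp dport { 80, 443 } accept
        # admin: ssh from the management network only
        ip saddr $MGMT_NET ip daddr $APPLIANCE tcp dport 22 accept
        # LDAP: only needed when LDAP authentication is enabled
        ip saddr $APPLIANCE ip daddr $LDAP_SERVER tcp dport { 389, 636 } accept
        # NTP: only needed when NTP time synchronisation is enabled
        ip saddr $APPLIANCE udp dport 123 accept
        # Anything else to or from the appliance is dropped; other
        # forwarded traffic is left to the firewall's existing rules.
        ip daddr $APPLIANCE drop
        ip saddr $APPLIANCE drop
    }
}
```

Running `nft -c -f` on the file checks the syntax without applying it.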