Specifications
MBG Engineering Guidelines, Release 8.0
Firewall Configuration Common to all Services
In a DMZ deployment, it is recommended that the administrator configure the firewall as follows, regardless of the MBG feature set in use:
• Allow return traffic from established TCP connections
• From the server to the Internet allow traffic with
◦ protocol TCP, destination port 22 (communications with Mitel AMC)
◦ protocol UDP, destination port 53 (and return traffic) (DNS)
• From anywhere to the server allow traffic with
◦ protocol UDP, destination port range 20000 to the configured upper bound (31000 by default) (RTP)
• From the server to anywhere allow traffic with
◦ protocol UDP, destination port >= 1024 (RTP)
Note: This list is not exhaustive. Refer to the sections on individual services for the required ports and protocols
of each. A more comprehensive set of firewall rules is given in Appendix A: Firewall Configuration Reference.
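
The baseline above, rendered as an nftables forward-chain ruleset by a small shell function. This is an added example, not taken from the Mitel guide. It assumes a Linux/nftables perimeter firewall; the table name mbg_dmz, the function name, and the server address 192.0.2.10 are hypothetical placeholders.

```shell
#!/bin/sh
# Added example (not from the guide): print an nftables ruleset for the
# common MBG baseline. Table name and addresses are placeholders.
# Usage: mbg_baseline_rules 192.0.2.10 31000 | nft -c -f -   (-c = check only)

mbg_baseline_rules() {
    server_ip=$1
    rtp_upper=${2:-31000}   # the guide's default RTP upper bound

    [ -n "$server_ip" ] || { echo "server ip required" >&2; return 1; }

    # Reject a non-numeric or out-of-range bound before it reaches a rule.
    case $rtp_upper in
        ''|*[!0-9]*) echo "rtp upper bound must be numeric" >&2; return 1 ;;
    esac
    if [ "$rtp_upper" -lt 20000 ] || [ "$rtp_upper" -gt 65535 ]; then
        echo "rtp upper bound must be within 20000-65535" >&2
        return 1
    fi

    # The list is not exhaustive: with policy drop, each enabled MBG service
    # still needs its own rules from the per-service sections / Appendix A.
    cat <<EOF
table inet mbg_dmz {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Return traffic from established TCP connections
        meta l4proto tcp ct state established accept

        # Server -> Internet: Mitel AMC (TCP 22), DNS (UDP 53) and its replies
        ip saddr $server_ip tcp dport 22 accept
        ip saddr $server_ip udp dport 53 accept
        ip daddr $server_ip udp sport 53 ct state established accept

        # Anywhere -> server: RTP, 20000 up to the configured upper bound
        ip daddr $server_ip udp dport 20000-$rtp_upper accept

        # Server -> anywhere: RTP to any destination port >= 1024
        ip saddr $server_ip udp dport 1024-65535 accept
    }
}
EOF
}
```

If the RTP upper bound is changed in the MBG configuration, regenerate the ruleset with the same value so the inbound range and the server setting stay in step.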