Specifications
MBG Engineering Guidelines, Release 8.0
7.3 Web Proxy
The following additional rules are required, at minimum:
From the Internet to the MBG server:
• allow protocol TCP, destination port 443
From the MBG server to the LAN:
• allow protocol TCP, destination port 443
Special consideration for MCA through Web Proxy
In addition to HTTPS traffic, MCA requires passthrough of its ConnectionPoint connection. This connection arrives at the
firewall on TCP port 443, on a dedicated IP address for MCA (see the MAS documentation for full details), and
the firewall must forward the traffic to the Web Proxy server (MBG) at whatever listen port is configured in Web
Proxy.
From there, the traffic will be forwarded to the MCA server on the LAN on TCP port 4443. The required rules are:
From the Internet to the Firewall:
• allow protocol TCP, destination port 443 on the MCA IP address
From the Firewall to the Web Proxy (MBG):
• allow protocol TCP, destination port A, where A is the listen port for MCA configured by the Web Proxy
administrator
From the Web Proxy (MBG) to the MCA server on the LAN:
• allow protocol TCP, destination port 4443
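The three MCA hops above, written as an nftables ruleset. This is an added example, not configuration from the MBG guide. It assumes a single Linux firewall with separate Internet, DMZ and LAN interfaces; every interface name, every address and the value 8443 for listen port A are constructed placeholders. The forward chain shows only the MCA flows, so the other rules in this section have to be added alongside them.

```nftables
# Added example: constructed values, not taken from the MBG guide.
#   wan0 / dmz0 / lan0 : hypothetical firewall interfaces
#   203.0.113.20       : dedicated public IP address for MCA
#   192.0.2.10         : Web Proxy (MBG) server
#   8443               : port "A", the MCA listen port set in Web Proxy
#   10.0.0.40          : MCA server on the LAN

table ip mca_passthrough {
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;

        # Internet -> Firewall: TCP 443 on the MCA IP address only,
        # forwarded to the Web Proxy at listen port A.
        iifname "wan0" ip daddr 203.0.113.20 tcp dport 443 dnat to 192.0.2.10:8443
    }

    chain forward {
        type filter hook forward priority filter; policy drop;

        # Return traffic for connections accepted below.
        ct state established,related accept

        # Firewall -> Web Proxy (MBG): TCP port A, and only for connections
        # that were translated by the DNAT rule above.
        iifname "wan0" oifname "dmz0" ip daddr 192.0.2.10 tcp dport 8443 ct status dnat accept

        # Web Proxy (MBG) -> MCA server on the LAN: TCP 4443, restricted to
        # the MBG source address and the MCA server destination address.
        iifname "dmz0" oifname "lan0" ip saddr 192.0.2.10 ip daddr 10.0.0.40 tcp dport 4443 accept
    }
}
```

Pinning the last rule to the MBG and MCA addresses keeps port 4443 unreachable from any other DMZ host.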
7.4 Remote Management Service
MBG Remote Proxy Services includes Web Proxy for end users and Remote Management Service for system
administrators. The Remote Management Service introduced a new capability in MBG 8.0 to support remote
upgrade, backup and restore of MCDs on the LAN. This feature requires enabling an FTP server on the MBG.
Remote FTP clients on the external network upload MCD software to the FTP server on MBG. An MCD FTP
client on the internal network downloads MCD software from the FTP server on MBG. An MCD FTP client on the
internal network uploads MCD backup files to the FTP server on MBG.
Note: Remote FTP clients must use passive FTP. Active FTP will not work through remote NAT firewalls.
The following additional rules are required, at minimum:
From the Internet to the MBG server:
• allow protocol TCP, source ports >1023, destination port 21 and destination ports >1023
From the MCD on the LAN to the MBG server:
• allow protocol TCP, source ports >1023, destination port 21 and destination ports >1023










