User's Manual Part 1

Firmware Version 1.0.0.1 UCM6200 Series IP PBX User Manual Page 60 of 320

Table 14: UCM6200 Firewall->Static Defense->Current Service

Port Process Type Protocol or Service

7777 Asterisk tcp/IPv4 SIP

389 Slapd tcp/IPv4 LDAP

22 Dropbear tcp/IPv4 SSH

80 Lighthttpd tcp/IPv4 HTTP

8089 Lighthttpd tcp/IPv4 HTTPS

69 Opentftpd udp/IPv4 TFTP

9090 Asterisk udp/IPv4 SIP

6060 zero_config udp/IPv4 UCM6200 zero_config service

5060 Asterisk udp/IPv4 SIP

4569 Asterisk udp/IPv4 SIP

5353 zero_config udp/IPv4 UCM6200 zero_config service

37435 Syslogd udp/IPv4 Syslog

For typical firewall settings, users could configure the following options on the UCM6200.

Table 15: Typical Firewall Settings

Ping Defense

Enable

If enabled, ICMP response will not be allowed for Ping request. The default

setting is disabled. To enable or disable it, click on the check box for the LAN or

WAN (UCM6202/UCM6204) interface.

Ping-of-Death

Defense Enable

Enable to prevent Ping-of-Death attack to the device. The default setting is

disabled. To enable or disable it, click on the check box for the LAN or WAN

(UCM6202/UCM6204) interface.

Under "Custom Firewall Settings", users could create new rules to accept, reject or drop certain traffic

going through the UCM6200. To create new rule, click on "Create New Rule" button and a new window will

pop up for users to specify rule options.

Right next to "Create New Rule" button, there is a checkbox for option "Reject Rules". If it’s checked, all

the rules will be rejected except the firewall rules listed below. In the firewall rules, only when there is a rule

that meets all the following requirements, the option "Reject Rules" will be allowed to check:

 Action: "Accept"

 Type "In"

 Destination port is set to the system login port (e.g., by default 8089)

 Protocol is not UDP