36 • 3-Series Control Systems Reference Guide – DOC. 7150B
Firewall Rules in Normal Operation
Under normal operating procedures, the firewall on the control system router
behaves as follows.
Control System Firewall Rules - Normal Operation
| DIRECTION | PORT(S) | RULE | DESCRIPTION |
|---|---|---|---|
| Inbound from LAN | 20, 21 | To CPU | FTP (if enabled) |
| Inbound from LAN | 22 | To CPU | SSH |
| Inbound from LAN | 80, 443 | To CPU | Web server (if enabled) |
| Inbound from LAN | 843 | To CPU | Flash policy server (if enabled) |
| Inbound from LAN | 41794-41797 | To CPU | Crestron communication protocols |
| Inbound from LAN | Listen ports used by program | To CPU | Programmatic listeners |
| Inbound from LAN | 64000-64299 | To devices on control system | Allows Crestron management tools to access devices on the Control Subnet; ports are opened and closed as needed |
| Control Subnet outbound to LAN | Any port | Allowed | All outbound traffic is allowed |
| Inbound from LAN | User-defined | User-defined | Allows manual port forwarding to devices on Control Subnet |
Firewall Rules in Isolation Mode
Under normal operating procedures, the firewall on the control system router
behaves as follows.
Control System Firewall Rules - Isolation Mode
| DIRECTION | PORT(S) | RULE | DESCRIPTION |
|---|---|---|---|
| Inbound from LAN | 20, 21 | To CPU | FTP (if enabled) |
| Inbound from LAN | 22 | To CPU | SSH |
| Inbound from LAN | 80, 443 | To CPU | Web server (if enabled) |
| Inbound from LAN | 843 | To CPU | Flash policy server (if enabled) |
| Inbound from LAN | 41794-41797 | To CPU | Crestron communication protocols |
| Inbound from LAN | Listen ports used by program | To CPU | Programmatic listeners |
| Inbound from LAN | 64000-64299 | Blocked | In isolation mode, Crestron management tools cannot connect to any devices on the Control Subnet |
| Control Subnet outbound to LAN | Any port | All other devices: Blocked | No outbound traffic is allowed |
| Inbound from LAN | User-defined | Blocked | In isolation mode, no port forwarding can be managed by the user |
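
The two tables can be turned into a check that a LAN-side port scan of the control system matches the selected mode. The script below is an added example, not part of the Crestron guide or its tooling; the function names, the sample scan, and the listener and forward port numbers are constructed for illustration. It assumes the "if enabled" services count as expected when found open, and that the site supplies its own program listener ports and user-defined forwards.

```python
# Added example: rule data transcribed from the two tables above.
# Listener and forward ports are site-specific, so they are passed in.
CPU_SERVICES = {
    20: "FTP", 21: "FTP", 22: "SSH", 80: "Web server", 443: "Web server",
    843: "Flash policy server",
    **{p: "Crestron communication protocols" for p in range(41794, 41798)},
}
MGMT_RANGE = range(64000, 64300)  # 64000-64299, management-tool forwards


def classify(port, mode, listeners=(), forwards=()):
    """Return (verdict, reason) for one port found open from the LAN side."""
    if port in CPU_SERVICES:
        return "expected", "To CPU: " + CPU_SERVICES[port]
    if port in listeners:
        return "expected", "To CPU: programmatic listener"
    if port in MGMT_RANGE:
        if mode == "isolation":
            return "violation", "64000-64299 is Blocked in isolation mode"
        return "expected", "To devices on control system, opened as needed"
    if port in forwards:
        if mode == "isolation":
            return "violation", "user-defined forwarding is Blocked in isolation mode"
        return "expected", "user-defined port forward"
    return "unexpected", "no rule in the table covers this port"


def audit(open_ports, mode, listeners=(), forwards=()):
    """Map each port that is not 'expected' to its (verdict, reason)."""
    if mode not in ("normal", "isolation"):
        raise ValueError("mode must be 'normal' or 'isolation'")
    findings = {}
    for port in sorted(set(open_ports)):
        verdict, reason = classify(port, mode, listeners, forwards)
        if verdict != "expected":
            findings[port] = (verdict, reason)
    return findings


if __name__ == "__main__":
    # Constructed scan result, not taken from a real system.
    scan = [22, 443, 41794, 50000, 64010, 8080, 9999]
    for mode in ("normal", "isolation"):
        print(mode, audit(scan, mode, listeners={50000}, forwards={8080}))
```

A "violation" in isolation mode means a port the table lists as Blocked was reachable from the LAN, which indicates the router is not actually isolating the Control Subnet.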