HOW TO MANAGE THE FIREWALL OF AN IOT SERVER?

What is the default configuration of my IoT Server?

Two types of firewall rules are implemented in the IoT Server:

  • The core rules: they are implemented by the operating system itself
  • The user rules: they are implemented by you through the IoT Server Supervision

The core rules are as follows:

When you connect only 1 network interface

  • all inputs are closed except TCP 22
  • all outputs are closed except:
    • TCP 2222 (SSH / SFTP) towards the Braincube datacenter IP
    • TCP 443 (HTTPS) towards the Braincube datacenter IP
    • UDP 123 (NTP) towards all IPs
    • UDP 53 (DNS) towards all IPs
    • TCP 1880 (incoming first) (Node-RED interface) towards all IPs
    • all ports (outgoing first) towards private IPs: 10.0.0.0/8, 192.168.0.0/16

When you connect 2 network interfaces

The first interface is considered the internet network:

  • all inputs are closed
  • all outputs are closed except:
    • TCP 2222 (SSH / SFTP) towards the Braincube datacenter IP
    • TCP 443 (HTTPS) towards the Braincube datacenter IP
    • UDP 123 (NTP) towards all IPs
    • UDP 53 (DNS) towards all IPs
    • TCP 1880 (incoming first) (Node-RED interface) towards all IPs
    • all ports (outgoing first) towards private IPs: 10.0.0.0/8, 192.168.0.0/16

The second interface is considered the industrial network:

  • all inputs are closed, except TCP 22 towards all IPs
  • all outputs are open

When you connect 3 or more interfaces

Refer to the "2 interfaces" case. The interfaces after the second one are deactivated. You will be able to add new rules through the IoT Server Supervision.
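
To check whether a connection the server opens is covered by the core rules above, the following Python models the output rules per interface. It is an added example, not Braincube's code: the function names are hypothetical, 203.0.113.10 is a placeholder for the datacenter IP (not given on this page), user rules are not modelled, and the TCP 1880 "(incoming first)" entry is left out on the assumption that it concerns connections opened from the outside.

```python
import ipaddress

# Assumption: placeholder address; the page does not give the Braincube datacenter IP.
DATACENTER = ipaddress.ip_network("203.0.113.10/32")
ANY = ipaddress.ip_network("0.0.0.0/0")
# Private ranges exactly as the page lists them (172.16.0.0/12 is not among them).
PRIVATE = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("192.168.0.0/16")]

# Core output rules shared by the single-interface case and the internet interface:
# (protocol, port, destination networks); None matches any protocol or port.
RESTRICTED_OUT = [
    ("tcp", 2222, [DATACENTER]),   # SSH / SFTP
    ("tcp", 443, [DATACENTER]),    # HTTPS
    ("udp", 123, [ANY]),           # NTP
    ("udp", 53, [ANY]),            # DNS
    (None, None, PRIVATE),         # all ports, outgoing first
]


def interface_role(total, index):
    """Role of interface number `index` (1-based) when `total` are connected."""
    if total == 1:
        return "single"
    return {1: "internet", 2: "industrial"}.get(index, "deactivated")


def outbound_allowed(total, index, proto, port, dst):
    """True if the core rules let the server open this connection."""
    role = interface_role(total, index)
    if role == "deactivated":
        return False  # interfaces after the second one are deactivated
    if role == "industrial":
        return True  # all outputs are open on the industrial network
    addr = ipaddress.ip_address(dst)
    for r_proto, r_port, nets in RESTRICTED_OUT:
        if r_proto in (None, proto) and r_port in (None, port):
            if any(addr in net for net in nets):
                return True
    return False


if __name__ == "__main__":
    # Constructed sample flows: (interfaces connected, interface used, proto, port, dst)
    flows = [(1, 1, "tcp", 443, "203.0.113.10"), (2, 1, "tcp", 502, "10.1.2.3"),
             (2, 1, "tcp", 502, "172.16.5.9"), (2, 2, "tcp", 502, "172.16.5.9")]
    for f in flows:
        print(f, "allowed" if outbound_allowed(*f) else "blocked")
```

The third sample flow is blocked because 172.16.0.0/12 is not in the private ranges listed on this page, while the same destination is reachable from the industrial interface.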

How to manage my Firewall Rules?

Through your IoT Server Supervision you can open new ports for your IoT Server. Access the IoT Server Supervision, expand your IoT Server, then click on Firewall.

On the left you can see the existing rules and you can create new rules.

You can also edit and remove existing rules.
