When choosing to utilize the Windows
firewall built into the Windows 2003/2008 operating system, the
following steps explain how CrystalTech recommends how you should setup
the firewall.
1. Make sure that the Remote Desktop is checked in
the exceptions list. If this is not checked, you will lock your self
out of remote desktop connections as soon as you click OK. The
exception list is found by clicking the Settings button in the Local
Area Connection Properties Advanced tab (note: this is also where you
turn on\off the firewall).
2. CrystalTech monitors each
dedicated server by using a ICMP monitor. Because of this, ICMP echo
requests need to be allowed. ICMP can be turned on by clicking the
settings button from the advanced tab in the Windows Firewall settings
(note: you will only need to check Allow Incoming Echo request).
3.
Should you choose to use your server as a name server, you will need to
create two exceptions for this traffic. From the Exceptions tab in the
Windows Firewall settings, you will need to click Add Port and add as
follows
Name: DNSTCP
Port Number: 53
TCP
Name: DNSUDP
Port Number: 53
UDP
4.
If your dedicated server is going to be a web server hosting websites
on port 80 for http traffic and https on 443, you will need to allow
these services. To do this, go to the Settings button found on the
Advanced tab in the Windows Firewall. From the Services tab, check
Secure Web Server and Web Server.
5. Should you also choose to
use your server as a mail server, you will also need to check the
Internet Mail Server (SMTP) and the Post-Office Protocol Version 3
(POP3)
6. If you choose to use FTP, you will also need to check FTP server.
7.
Two additional ports are required on dedicated servers for Crystaltech
services which are TCP 743 and TCP 52155. Exceptions need to be created
for these ports for your dedicated server to function correctly with
Crystaltech's interface.
8. Any additional programs or services
that require specialized ports to connect to the server (ie. SQL server
port TCP 1433 and UDP 1434) will need to have exceptions created to
allow connections.
Article ID: 971, Created: July 13, 2009 at 11:10 PM, Modified: July 13, 2009 at 11:10 PM