Firewall setup at customer site

dxttony · March 4, 2019, 9:39pm

Hello,

I am going to install the eWon system at a customer site for remote access and remote data collection through Ethernet cable. I found the only firewall rule the customer should setup is to allow outbound traffic through TCP443/UDP 1194. Since I am not en expert in firewall, I am wondering how remote access works without allowing inbound traffic. Could you confirm if this is the only setup necessary and explain how inbound traffic gets established? Any link or brochure that can help me understand is welcome.

Thank you very much!

Tim_hms · March 4, 2019, 9:43pm

Hello,

Generally it’s just required to open ports 1194, 443 and to whitelist our servers seen in the document below

Let me know if you have any questions

dxttony · March 5, 2019, 2:38pm

Thanks Tim.

Should I open both inbound/outbound connection to these address, or outbound only? Based on what I found, I guess the answer is outbound only. But I have a difficult time to understand how packets flow from VPN server to eWon for remote access if the inbound connection on firewall isn’t open. Thanks very much for explanation.

Tony

kyle_HMS · March 5, 2019, 2:40pm

Hi Tony,

You are correct that only the outbound ports need to be opened. The reason for this is that the local eWON device initiates the connection to the servers, so your firewall will allow that communication to occur in both directions.

Kyle

dxttony · March 5, 2019, 4:31pm

Thanks Kyle!