Sharmin Ferdusy
Sharmin Ferdusy
  • Home
    • Contact
  • Cisco
  • ShoreTel VoIP
    • My ShoreTel VoIP Blog
    • ShoreTel User Guide
  • Cisco VoIP
  • Technology Blog
  • VMware
  • Sonicwall
  • ConnectWise Administration
  • Home
    • Contact
  • Cisco
  • ShoreTel VoIP
    • My ShoreTel VoIP Blog
    • ShoreTel User Guide
  • Cisco VoIP
  • Technology Blog
  • VMware
  • Sonicwall
  • ConnectWise Administration

Firewall Ports for ShoreTel SA-100

5/4/2014

0 Comments

 
Deploying the ShoreTel Service Appliance (SA -100) in the demilitarized zone (DMZ) is the preferred method to

facilitate external traffic.

 
In the scenario where a service appliance is deployed in the DMZ, the following requirements apply:

 

Enable routable traffic between the DMZ and LAN. Network Address Translation (NAT) can not be

used for network traffic between these points.

 

Adequate bandwidth between DMZ and LAN with a minimum of voice latency and jitter.

DNS (Domain Name System) configuration to resolve both internal and external addresses. A

DNS configured to external addressing only, with a host file configured to handle traffic internally,

may be used as an alternative.

 

If a Service Appliance is made available from the Internet, all other Service Appliances need to be

accessible and addressable from the Internet.

 

The network requires port-forwarding through the firewall which is restricted to web ports (80-

unsecure HTTP and 443-secure HTTPS).

 

 

In the scenario where a Service Appliance is deployed on the trusted internal network, the following

requirements apply:

 

The network requires port-forwarding through the firewall which is restricted to web ports (80-

unsecure & 443-HTTPS). Alternatively, a reverse-proxy server can be used instead of portforwarding

but this requires the provision of an additional server.

 
The network requires DNS configuration both internally to resolve internal addresses and

externally to resolve to external addresses.

 
Alternatively, a network can be configured with DNS configured for external addressing only and a

host file configurated to handle traffic internally.

 

0 Comments

    Author

    Sharmin Ferdusy

    Archives

    August 2014
    May 2014
    April 2014
    February 2014
    October 2013
    April 2013

    Categories

    All

    RSS Feed

Powered by Create your own unique website with customizable templates.