Firewall Rules for External Traffic Through the Encrypted VPN Tunnel
If you use the Oracle-provided TLS VPN solution, the following table is
informational only, illustrating the traffic transmitted over the VPN in support of
the Gateway. If the alternative VPN solution is used, the following traffic must be
allowed to communicate over the VPN.
Table 3 Firewall Rules between the Gateway and the Oracle Data Center Using VPN
Tunnel
|
|
|
|
|
Gateway
|
-
192.206.43.197/32
-
198.51.38.199/32
-
137.254.105.5/32
|
NTP (UDP/123)
|
Network Time Protocol (NTP)
|
|
Gateway
|
192.206.43.194/32
|
Syslog (TCP/514)
|
Gateway Syslog
|
|
Gateway
|
-
198.51.38.194/32
-
198.51.38.193/32
|
HTTPS (TCP/8080,9898)
|
Gateway security tools monitoring
|
-
198.51.38.194/32
-
198.51.38.193/32
|
Gateway
|
HTTPS (TCP/8080,9898)
|
Gateway security tools monitoring
|
-
192.206.43.209/32
-
198.51.38.209/32
-
140.85.164.34/32
|
Gateway
|
Security Scanner
-
TCP/UDP/1-65535
-
ICMP (Types 8 & 0)
|
Gateway availability and security scanning
|
-
198.51.37.1/32
-
193.188.5.1/32
-
140.83.88.1/32
-
140.83.88.129/32
-
140.83.89.1/32
-
141.146.155.40/32
-
141.146.155.41/32
-
192.206.43.208/32
-
198.51.38.208/32
|
Gateway
|
-
ICMP (Types 8 & 0)
-
SSH/SCP (TCP/22)
-
HTTPS (443, 7799, 9702)
-
SGD (TCP/5307)
|
Management traffic to remotely manage the Gateway and also
facilitate remote access
|
|
Gateway
|
192.206.43.196/32
|
HTTPS/443
|
REST services for the Gateway
|
|
Gateway
|
-
192.206.43.193/32
-
198.51.38.196/32
|
LDAP (TCP/636)
|
Gateway authentication (LDAP)
|
|