1. ENUM User Guide
  2. Security Firewall
  3. Firewall Configuration

5.1 Firewall Configuration

To achieve the firewall security on VENUM server, follow the below recommendations:
  • Add connection in DNS Connections MO on which external client communicates. Also, add Client’s IP in ENUM ACLs MO to make its entry in the firewall trusted list.
  • Use XSI IPs for communication, as they are secure IPs and not publicly exposed.

    Note:

    We can’t provide drop packets protection on XMI interface since it is used for external communication and this IP is a publicly exposed IP.
  • In case of Master Slave Zones and Zone Forwarding, ensure the following configurations for firewall protection:
    • If XSI interfaces of Master is used on the slave, then have IP of the slave in master’s ENUM ACL MO and Connection in the DNS Connection MO.
    • If XMI interfaces is used, then check if there is any connection on the default DNS port at master server. If there is connection present on default DNS port, then have IP of the slave in master’s ENUM ACL MO and Connection in the DNS Connection MO.