bsob
Contributor

UAG external ports - security consideration

I have deployed UAG v21.03 with a two-NIC configuration (Internet and Management).

I wonder why I see a few open ports on the Internet interfaces, for example SSH. I checked and I cannot log in; however, I am getting a logon prompt.

Should I hide my UAG behind the firewall and restrict access to unused ports, or is there an option to restrict these ports on UAG?

 

NMAP Scan results:

PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.8 (protocol 2.0)
80/tcp open rtsp
443/tcp open ssl/https?
8080/tcp open rtsp
8443/tcp open ssl/http VMware Horizon View

fabio1975
Expert

Being a virtual appliance (black box), I would not modify anything on the VM (unless there are documented commands).

I usually ask to put a firewall between the UAG and the Internet. To check the ports that must communicate with the internet, look at this document:
https://docs.vmware.com/en/Unified-Access-Gateway/2103/uag-deploy-config/GUID-F197EB60-3A0C-41DF-8E3...

 


 

Fabio
BLOG: https://vmvirtual.blog

if satisfied give me a kudos
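Added example, not part of either post and not VMware code: one way to turn the scan from the question into a firewall work list is to compare the reachable ports against the set the port document says must face the Internet. The allow-list below is a placeholder assumption, and the function names are illustrative; fill in the ports from the vendor document for your own deployment.

```python
import re

# The scan output posted in the question, reproduced as sample input.
NMAP_OUTPUT = """\
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.8 (protocol 2.0)
80/tcp open rtsp
443/tcp open ssl/https?
8080/tcp open rtsp
8443/tcp open ssl/http VMware Horizon View
"""

# ASSUMPTION: placeholder allow-list. Replace it with the Internet-facing
# ports the vendor port document lists for your deployment.
REQUIRED_INTERNET_PORTS = {(443, "tcp"), (8443, "tcp")}

# One row of an nmap port table: PORT/PROTO STATE SERVICE [VERSION...]
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)(?:\s+(.*))?$")


def parse_nmap_ports(text):
    """Return one dict per port row found in an nmap port table."""
    rows = []
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if not m:
            continue  # header, blank line, or other nmap output
        port, proto, state, service, version = m.groups()
        rows.append({"port": int(port), "proto": proto, "state": state,
                     "service": service, "version": version or ""})
    return rows


def audit(text, required):
    """Return (reachable ports not in `required`, required ports not seen open)."""
    rows = parse_nmap_ports(text)
    # "open|filtered" counts as reachable: nmap could not rule it out.
    reachable = [r for r in rows if r["state"].startswith("open")]
    seen = {(r["port"], r["proto"]) for r in reachable}
    unexpected = [r for r in reachable if (r["port"], r["proto"]) not in required]
    return unexpected, sorted(required - seen)


if __name__ == "__main__":
    unexpected, missing = audit(NMAP_OUTPUT, REQUIRED_INTERNET_PORTS)
    for r in unexpected:
        detail = " ".join(filter(None, [r["service"], r["version"]]))
        print(f"block at firewall: {r['port']}/{r['proto']} ({detail})")
    for port, proto in missing:
        print(f"required but not open: {port}/{proto}")
```

Re-running the same scan from outside after the firewall rule is in place, and feeding the new output to `audit`, should leave the first list empty.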