06-09-2021 07:08 AM - edited 06-09-2021 07:14 AM
Hi,
We deployed dual NIC Expressway-E for WebRTC proxy for CMS. Port 443 is being used for the communication for WebRTC so we changed the port for web administration to 7443. We can access the Expressway-E from inside also from outside using 7443 port. On the Box, is it possible to disable web access from outside/LAN 2 of Expressway-E?
Thanks.
06-09-2021 07:28 AM
Block the port 7443 on your firewall and that block the access from outside.
06-09-2021 09:50 AM - edited 06-09-2021 09:54 AM
So not possible in the Expressway itself?
The reason why we dont need to do it on the firewall is for long process which we need to request change on network security team.
I am looking for a way to disable the https service on the outside network interface of the expressway.
06-09-2021 10:55 AM
Never tried on expressway. We allow only ports required so never come across such scenario where I can access expresswayIp from outside.
06-09-2021 11:31 AM
Expressway has no setting for this, you can reach out to your SE/AM and submit a PER so it's considered for a future release, currently this has to be handled at the FW/ACL level outside of expressway.
06-09-2021 12:04 PM
Your security team should be interested in allowing only the needed ports for your service that you run on the Expressway. There are good documentation available for this that lists the ports needed for different type of services.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide