IMPORTANT: The GateManager MUST be protected by a firewall.If the GateManager server is directly connected to the Internet or all ports from the Internet are forwarded to the GateManager, then the built-in firewall on the Linux system must be enabled.
The following ports must be forwarded or "Destination NATed" from the public IP address to the local IP address of the Linux (Debian) system. All other ports should be blocked to prevent unauthorized use.
- RED: Ports that must be opened for the system to work.
- BLUE: Ports that must be opened for obtaining optimal functionality
- GREEN: Recommended, but only needed for special scenarios
If the GateManager server is accessed from within the private network where it resides, the destination NAT rules must reflect this. This is the case if the access is from the SiteManager, LinkManager or Administrator portal from the same network as the local address of the GateManager.
The port 5800, 5900, 3389 is used for the LinkManager Mobile. The ports are controlled and secured by the GateManager and are NOT to be compared with the usual JVNC, VNC and RDP access to a PC. Only the validated LinkManager Mobile session requesting a connection will be allowed access.