K2000 RSA behind NAT
Is it possible to set up a K2000 RSA behind a NAT ? Which ports to open ? How to configure appliance link ?
80 -- HTTP
139 -- SAMBA share
135 -- SAMBA share
445 -- SAMBA share (Direct-hosted SMB traffic without a network basic input/output system (NetBIOS): port 445 (TCP and UDP).
22 -- SSH (outbound only for tethers)
22 -- SSH for syncing to RSA and single sign-on
389 -- LDAP (if using LDAP authentication)
636 -- LDAPS (if using secure LDAP authentication)
67 -- DHCP
69 -- TFTP
4011 -- PXE
8108 -- Media Manager
These ports also cover communication between the K2000 and an Rempte Site Appliance.
Ensure routers / firewalls are setup to allow DHCP to traverse them (BootP protocol) if clients span across them.
K2000 does not have a built-in firewall. The K2000 is not recommended for DMZ operations, only for operation on the internal network.