vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/vpc/umn/SecurityGroup_0005.html
fanqinying 44c0250eec VPC UMN 20241008 version 
Reviewed-by: Sarda, Priya <prsarda@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: fanqinying <fanqinying@huawei.com>
Co-committed-by: fanqinying <fanqinying@huawei.com>
2024-11-21 10:14:33 +00:00

9.1 KiB
Raw Blame History

Allowing Common Ports with a Few Clicks

Scenarios

You can configure a security group to allow common ports with a few clicks. This function is suitable for the following scenarios:
  • Remotely log in to ECSs.
  • Use the ping command to test ECS connectivity.
  • ECSs functioning as web servers provide website access services.

Table 1 describes the common ports that can be opened with a few clicks.

Table 1 Common ports

Direction

Protocol & Port & Type

Source/Destination

Description

Inbound

TCP: 22 (IPv4)

0.0.0.0/0

Allows all IPv4 addresses to access ECSs in the security group over port 22 (SSH) for remotely logging in to Linux ECSs.

TCP: 3389 (IPv4)

0.0.0.0/0

Allows all IPv4 addresses to access ECSs in the security group over port 3389 (RDP) for remotely logging in to Windows ECSs.

TCP: 80 (IPv4)

0.0.0.0/0

Allows all IPv4 addresses to access ECSs in the security group over port 80 (HTTP) for visiting websites.

TCP: 443 (IPv4)

0.0.0.0/0

Allows all IPv4 addresses to access ECSs in the security group over port 443 (HTTPS) for visiting websites.

TCP: 20-21 (IPv4)

0.0.0.0/0

Allows all IPv4 addresses to access ECSs in the security group over ports 20 and 21 (FTP) for uploading or downloading files.

ICMP: All (IPv4)

0.0.0.0/0

Allows all IPv4 addresses to access ECSs in the security group over any port for using the ping command to test ECS connectivity.

Outbound

All (IPv4)

All (IPv6)

0.0.0.0/0

::/0

Allows access from ECSs in the security group to any IP address over any port.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Click in the upper left corner and choose Network > Virtual Private Cloud.

    The Virtual Private Cloud page is displayed.

  4. In the navigation pane on the left, choose Access Control > Security Groups.

    The security group list is displayed.

  5. In the security group list, click the name of the security group.

    The security group details page is displayed.

  6. Click the Inbound Rules or Outbound Rules tab, and then click Allow Common Ports.

    The Allow Common Ports page is displayed.

  7. Click OK.

    After the operation is complete, you can view the added rules in the security group rule list.