1 Answer
- Newest
- Most votes
- Most comments
1
I am not aware of such guidance, and didn't find any in a quick search - which might be an indication that it doesn't exist. Generally speaking, Secure tunneling uses a client/device-initiated tunneling, which means that you don't need any inbound ports open as long as established connections are allowed. See also here for more details. That being said, fail2ban should not block those as long as it's only applied on inbound connections. Also, if you don't require any inbound connections, I would recommend to not open any inbound port, but only allow the outbound plus established / related connections.
answered 10 months ago
Relevant content
- Accepted Answerasked 2 years ago
- asked 2 months ago
- asked 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated a year ago