How have anyone configured the Edge Network Firewall in the OVH panel? Has anyone tried it before? how`s setup this? i want to know thank you
Resolved I would like to ask those who are using OVH dedicated servers.
- Thread starter justin3ryu
- Start date
before i did, i couldnt log in into game i will show you what i did on mine . here Souce IP is my PC IP
Attachments
You're missing rule 0 all tcp established.
tell me how to set up.
Priority Action Protocol Source IP Source port Destination port options Status
0 Authorise TCP established Enabled
1 Authorise IPv4 My VPS Ip? Enabled
2 Authorise IPv4 MY Home IP? Enabled
3 Authorise TCP 7777 SYN Enabled
4 Authorise TCP 2106 SYN Enabled
5. Authorise TCP RDP port?? SYN Enabled
Attachments
Maybe try specifying 2 ranges to cover all IPs instead of "all", I'm not sure how OVH allowed you to write "all":
0.0.0.0/1
128.0.0.0/1
Example setup with an anti-ddos proxy and all default ports. Let's assume everyone(players, website, outside scripts, etc.) will only use anti-ddos proxy IP to access the server with the exception you connecting from your home IP via RDP.
Anti-ddos proxy IP: 55.55.55.55
Your home IP: 90.90.90.90
OVH firewall setup will look like this:
| Action | Protocol | Source IP | Destination Port | Explanation |
| Authorise | TCP | 55.55.55.55 | 7777 | Default game server port |
| Authorise | TCP | 55.55.55.55 | 2106 | Default login server port |
| Authorise | TCP | 55.55.55.55 | 3306 | Default mysql port |
| Authorise | TCP | 90.90.90.90 | 3389 | Allowing your home IP access default RDP port(if you use Linux you need to open SSH port, default: 22) |
| Refuse | IPv4 | 0.0.0.0/1 | Blocks half of IPs range, set Priority to 19 | |
| Refuse | IPv4 | 128.0.0.0/1 | Blocks the other half, set Priority to 18 |
If you use some type of bot protection, you might need to open additional TCP port for your proxy IP, for example AAC default is 11000. So we'd need to add "Authorise TCP 55.55.55.55 11000".
Also always check which IPs to whitelist with your proxy provider, you might need to allow connections not from 1 source IP, but 2 or even more. Just repeat same rules for the IPs they provide.
Last edited:
If you don't use any kind of proxy and no protection. Then maybe try specifying 2 ranges to cover all IPs instead of "all", I'm not sure how OVH allowed you to write "all":
0.0.0.0/1
128.0.0.0/1
These rules should allow connection to login/game server, I'm not sure why it's not working. Also try selecting neither "syn", nor "established"(even though it should work with "syn")
Yes
The source IP field should be left empty for ports 2106(SYN) and 7777 (SYN), as well as for the rule 0 TCP established rule.
You only apply source IP restrictions to sensitive services, such as the database port or other administrative/management ports, where you specifically want to limit access.
You only apply source IP restrictions to sensitive services, such as the database port or other administrative/management ports, where you specifically want to limit access.