1 Answer
- Newest
- Most votes
- Most comments
0
I am not aware of such guidance, and didn't find any in a quick search - which might be an indication that it doesn't exist. Generally speaking, Secure tunneling uses a client/device-initiated tunneling, which means that you don't need any inbound ports open as long as established connections are allowed. See also here for more details. That being said, fail2ban should not block those as long as it's only applied on inbound connections. Also, if you don't require any inbound connections, I would recommend to not open any inbound port, but only allow the outbound plus established / related connections.
answered 5 months ago
Relevant content
- Accepted Answerasked 2 years ago
- asked 2 years ago
- AWS OFFICIALUpdated 10 months ago
- How do I determine the active SSL security policy associated with my ELB listener using the AWS CLI?AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago