Firewall ports

From wiki.comcert.com
Jump to navigation Jump to search

Introduction

Please remember that Pulse, Software nPoint and Hardware nPoint are communication the same way.

In general, nPoint is contacting the nGeniusPULSE Server, not the other way around.

Service Test are executed by the nPoint. Device monitoring is done by nGeniusPULSE server or a Collector.

Even when there's no Service Test running on the nPoint, the nPoint will contact nGeniusPULSE Server every minute to update its configuration.

 

Solution

Inbound nGeniusPULSE Server/Collector

destination  service role
tcp/8443 https communication with nGeniusONE
tcp/443 https

secure web UI

communication with nPoint

tcp/80 http web UI
udp/514 syslog syslog receiver
tcp/22 ssh CLI
udp/123 ntp network time server

 

Outbound nGeniusPULSE Server/Collector*

destination  service role
udp/123 ntp network time synchronozation
udp/161 snmp snmp
tcp/443 https

communication with virtual center and wireless controller

ip protocol #1 type 0 and 8 icmp echo request/reply ping monitorred devices
tcp/25 smtp email
tcp/386 ldap remote authentication
tcp/636 sldap secure remote authentication

(*) outbound services are depending on the features that are in use.

 

Inbound nPoint

destination service role
tcp/80 http web UI
tcp/22 ssh CLI

 

Outbound nPoint*

destination service role
tcp/443 https communication with nPoint

(*) outbound services are depending on the Service Test configured.