Firewall ports
Introduction
Please remember that Pulse, Software nPoint and Hardware nPoint are communication the same way.
In general, nPoint is contacting the nGeniusPULSE Server, not the other way around.
Service Test are executed by the nPoint. Device monitorring is done by nGeniusPULSE server or the Collector.
Even when there's no Service Test running on the nPoint, the nPoint will contact nGeniusPULSE Server every minute to update its configuration.
Solution
Inbound nGeniusPULSE Server/Collector
destination | service | role |
---|---|---|
tcp/8443 | https | communication with nGeniusONE |
tcp/443 | https |
secure web UI communication with nPoint |
tcp/80 | http | web UI |
udp/514 | syslog | syslog receiver |
tcp/22 | ssh | CLI |
udp/123 | ntp | network time server |
Outbound nGeniusPULSE Server/Collector*
destination | service | role |
---|---|---|
udp/123 | ntp | network time synchronozation |
udp/161 | snmp | snmp |
tcp/443 | https |
communication with virtual center and wireless controller |
ip protocol #1 type 0 and 8 | icmp echo request/reply | ping monitorred devices |
tcp/25 | smtp | |
tcp/386 | ldap | remote authentication |
tcp/636 | sldap | secure remote authentication |
(*) outbound services are depending on the features that are in use.
Inbound nPoint
destination | service | role |
---|---|---|
tcp/80 | http | web UI |
tcp/22 | ssh | CLI |
Outbound nPoint*
destination | service | role |
---|---|---|
tcp/443 | https | communication with nPoint |
(*) outbound services are depending on the Service Test configured on nGeniusPULSE.
Even when there's no Service Test running on the nPoint, the nPoint will contact nGeniusPULSE server every minute to update its configuration.