Articles in this section

See more

Firewall White List

Avatar
Igal
  • Updated
Follow

-------------------------
Affected Roles: System Owner • System Administrator 
Related Nx VMS Apps: All
Difficulty: Medium
-------------------------

Avoiding Firewall Issues in Nx Witness VMS (and other Powered-by-Nx Products)

Nx Witness VMS (and other Powered-by-Nx products) will generate Internet traffic if/when any Server in a System is connected to the Internet.

To guarantee connectivity to Nx cloud-based services you may need to add Nx Witness-related endpoints to your Firewall White List. 

To learn more about the types of Internet traffic Nx Witness will generate check out the article What Internet traffic will Nx Witness System generate?

Below are the settings we recommend for your Firewall White List to avoid any interruptions in Internet-based services associated with Nx Witness VMS.

Firewall White List - Recommended Settings

Note: When configuring your Firewall make sure to use FQDN format in order to as some of the endpoints do not resolve to static IP addresses.

----------

For Nx Cloud (or other Powered-by-Nx Cloud services): 

Required to connect/disconnect Systems from Nx Cloud and maintain connections.

your-cloud-address.com (i.e. https://nxvms.com)
TCP - ports: 80, 443

----------

For Nx Cloud Connect (NAT Traversal, Data Proxy services)

Required for remotely connecting to an Nx Witness (or other Powered-by-Nx product) via Nx Cloud.

Option 1: Non-Region Specific

*.vmsproxy.com

Option 2: Region-Specific

relay.vmsproxy.com
relay-ny.vmsproxy.com (185.59.223.85)
relay-fr.vmsproxy.com (195.181.174.35)
relay-la.vmsproxy.com (185.152.67.150)
relay-sy.vmsproxy.com (207.148.86.247)
relay-si.vmsproxy.com (139.180.221.39)
mediator.vmsproxy.com (52.7.195.88)
cloud_db, portal (34.233.82.124)
speedtest: 
 - 18.196.46.87
 - 54.193.97.109
 - 54.255.218.20
 - 13.211.129.121
TCP Port : 80, 443
UDP Port: 3345

----------

For Time Synchronization  

Required to synchronize Server times with Nx Time Servers.

Option 1: Non-Region Specific

*.rfc868server.com

Option 2: Region-Specific

time.rfc868server.com
us-west.rfc868server.com
frankfurt.rfc868server.com
singapore.rfc868server.com
TCP Port : 37

----------

For License Activation / Deactivation

Required to activate and manage Licenses online.

licensing.networkoptix.com
or
licensing.vmsproxy.com
TCP Port : 80

----------

For Update Notifications

*.networkoptix.com
 and / or
updates.networkoptix.com
 and / or
updates.vmsproxy.com

----------

For Update Notifications

Required to receive notifications when a new version of the software is available.
beta.networkoptix.com
or
beta.vmsproxy.com
----------

For Anonymous Reporting

Required to send Anonymous usage statistics.
stats.networkoptix.com
stats2.networkoptix.com

And / Or

stats.vmsproxy.com
stats2.vmsproxy.com
TCP - ports: 80, 443

----------

For Fetching Public IP

Required to allow Servers to fetch a public IP for use in directing System traffic.

tools.vmsproxy.com
tools-eu.vmsproxy.com
Port: 80 
 
 

 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.