Articles in this section

See more

Firewall Pass List

Avatar
Nx Support
  • Updated
Follow

Avoiding Firewall Issues in Nx Witness VMS (and other Powered-by-Nx Products)

Nx Witness VMS (and other Powered-by-Nx products) will generate Internet traffic if/when any Server in a System is connected to the Internet.

To guarantee connectivity to Nx cloud-based services you may need to add Nx Witness-related endpoints to your Firewall Pass List. 

To learn more about the types of Internet traffic Nx Witness will generate check out the article What Internet traffic will Nx Witness System generate?

Below are the settings we recommend for your Firewall Pass List to avoid any interruptions in Internet-based services associated with Nx Witness VMS.

Firewall Pass List - Recommended Settings

Note: When configuring your Firewall make sure to use FQDN format in order to as some of the endpoints do not resolve to static IP addresses.

----------

For Nx Cloud (or other Powered-by-Nx Cloud services): 

Required to connect/disconnect Systems from Nx Cloud and maintain connections.

your-cloud-address.com (i.e. https://nxvms.com)
TCP - ports: 80, 443

----------

For Nx Cloud Connect (NAT Traversal, Data Proxy services)

Required for remotely connecting to an Nx Witness (or other Powered-by-Nx product) via Nx Cloud.

Option 1: Non-Region Specific

*.vmsproxy.com

Option 2: Region-Specific

relay.vmsproxy.com
relay-ny.vmsproxy.com (185.59.223.85)
relay-fr.vmsproxy.com (195.181.174.35)
relay-la.vmsproxy.com (185.152.67.150)
relay-sy.vmsproxy.com (207.148.86.247)
relay-si.vmsproxy.com (139.180.221.39)
mediator.vmsproxy.com (52.7.195.88)
cloud_db, portal (34.233.82.124)
speedtest: 
 - 18.196.46.87
 - 54.193.97.109
 - 54.255.218.20
 - 13.211.129.121
TCP Port : 80, 443
UDP Port: 3345

----------

For Time Synchronization  

Required to synchronize Server times with Nx Time Servers.

Option 1: Non-Region Specific

*.rfc868server.com

Option 2: Region-Specific

time.rfc868server.com
us-west.rfc868server.com
frankfurt.rfc868server.com
singapore.rfc868server.com
TCP Port : 37

----------

For License Activation / Deactivation

Required to activate and manage Licenses online.

licensing.networkoptix.com
or
licensing.vmsproxy.com
TCP Port : 80

----------

For Update Notifications

*.networkoptix.com
 and / or
updates.networkoptix.com
 and / or
updates.vmsproxy.com

----------

For Update Notifications

Required to receive notifications when a new version of the software is available.
beta.networkoptix.com
or
beta.vmsproxy.com
----------

For Anonymous Reporting

Required to send Anonymous usage statistics.
stats.networkoptix.com
stats2.networkoptix.com

And / Or

stats.vmsproxy.com
stats2.vmsproxy.com
TCP - ports: 80, 443

----------

For Fetching Public IP

Required to allow Servers to fetch a public IP for use in directing System traffic.

tools.vmsproxy.com
tools-eu.vmsproxy.com
Port: 80 
 

Questions

If you have any questions related to this topic or you want to share your experience with other community members or our team, please visit and engage in our support community or reach out to your local reseller. 

 

 

 

Related articles

Comments

0 comments

Article is closed for comments.