-------------------------
Affected Roles: System Owner • System Administrator
Related Nx VMS Apps: All
Difficulty: Medium
-------------------------
Avoiding Firewall Issues in Nx Witness VMS (and other Powered-by-Nx Products)
Nx Witness VMS (and other Powered-by-Nx products) will generate Internet traffic if/when any Server in a System is connected to the Internet.
To guarantee connectivity to Nx cloud-based services you may need to add Nx Witness-related end points to your Firewall White List.
To learn more about the types of Internet traffic Nx Witness will generate check out the article What Internet traffic will Nx Witness System generate?
Below are the settings we recommend for your Firewall White List to avoid any interruptions in Internet-based services associated with Nx Witness VMS.
Firewall White List - Recommended Settings
Note: When configuring your Firewall make sure to use FQDN format in order to as some of the end points do not resolve to static IP addresses.
----------
For Nx Cloud (or other Powered-by-Nx Cloud services):
Required to connect / disconnect Systems from Nx Cloud and maintain connections.
your-cloud-address.com (i.e. https://nxvms.com)
TCP - ports: 80, 443
----------
For Nx Cloud Connect (NAT Traversal, Data Proxy services)
Required for remotely connecting to an Nx Witness (or other Powered-by-Nx product) via Nx Cloud.
Option 1: Non-Region Specific
*.vmsproxy.com
Option 2: Region-Specific
relay.vmsproxy.com
relay-ny.vmsproxy.com
relay-fr.vmsproxy.com
relay-la.vmsproxy.com
relay-sy.vmsproxy.com
relay-si.vmsproxy.com
mediator.vmsproxy.com
TCP Port : 80, 443
UDP Port: 3345
----------
For Time Synchronization
Required to synchronize Server times with Nx Time Servers.
Option 1: Non-Region Specific
*.rfc868server.com
Option 2: Region-Specific
time.rfc868server.com
us-west.rfc868server.com
frankfurt.rfc868server.com
singapore.rfc868server.com
TCP Port : 37
----------
For License Activation / Deactivation
Required to activate and manage Licenses online.
licensing.networkoptix.com
licensing.vmsproxy.com
TCP Port : 80
----------
For Update Notifications
*.networkoptix.com
updates.networkoptix.com
updates.vmsproxy.com
----------
For Update Notifications
Required to receive notifications when a new version of the software is available.
beta.networkoptix.com
beta.vmsproxy.com
For Anonymous Reporting
Required to send Anonymous usage statistics.stats.networkoptix.com
stats2.networkoptix.com
And / Or
stats.vmsproxy.com
stats2.vmsproxy.com
TCP - ports: 80, 443
----------
For Fetching Public IP
Required to allow Servers to fetch a public IP for use in directing System traffic.
tools.vmsproxy.com
tools-eu.vmsproxy.com
Port: 80
Comments
0 comments
Please sign in to leave a comment.