Firewall Configuration
We strongly recommend that the ExaVault virtual appliance be deployed behind a firewall. This guide provides guidance for how to configure the ports to open on your firewall.
The ExaVault appliance must have at least some inbound and outbound connectivity to the public Internet, and that is detailed on this page as well.
Refer to the tables below when configuring your firewall for the list of ports which need to be opened.
Inbound Traffic (Public Internet) Port Requirements
Port
Description
ICMPv4
Used for verifying the server is up and accessible.
80
Used for non secure web GUI access to the application. Does not need to be made available publicly.
443
Used for secure Web GUI access to the application. Does not need to be made available publicly. Also used by the API.
21
Used for FTP access to the appliance. Does not need to be open if the FTP service is not used externally.
22
User for SFTP access to the appliance. Does not need to be open if the SFTP service is not used externally.
990
Used for FTPS access to the appliance. Does not need to be open if the FTPS service is not used Externally.
40000-49999
Used for FTP/FTPS data channels to the appliance. Does not need to be open if neither the FTP nor FTPS services are used Externally. Note: Currently only a subset of this range is used by the appliance, but we recommend opening the entire range because we will be expanding the range in future versions.
Inbound Traffic (Internal Network) Port Requirements
Port
Description
Required
ICMPv4
Used for verifying the server is up and accessible.
YES
80
Redirects to HTTPS port 443
YES
443
Used for secure Web GUI access to the application. Does not need to be made available publicly. Also used by the API.
YES
21
Used for FTP access to the appliance. Does not need to be open if the FTP service is not used externally.
NO
22
User for SFTP access to the appliance. Does not need to be open if the SFTP service is not used externally.
NO
990
Used for FTPS access to the appliance. Does not need to be open if the FTPS service is not used Externally.
NO
10022
Used for support sessions to the appliance. ( for support sessions SSH access is required running on port 10022 )
YES*
9002
Used to access the appliance manager web GUI ( for setup and management of the appliance )
YES*
40000-49999
FTP Passive Ports
NO
* These ports are needed for administering the system and should be locked down at the firewall.
Outbound Traffic Port Requirements
Port
Description
Required
80
Used to download updates from our servers
YES
443
Used to download updates from our servers
YES
53
DNS services to resolve names for updates
YES
Last updated