LogoLogo
Home
  • ExaVault Documentation
  • Installing & Upgrading The Appliance
    • Downloading The Base Image
    • System Requirements
    • Firewall Configuration
    • Installation & Setup
      • AWS Installation
      • VMWare Prerequisites
      • Installing Other Software
    • Mounting the Data Drive
    • Upgrading to v18.x from v16.10
      • VMWare Upgrade Prerequisites
    • Upgrading From 16.05 or Earlier
  • Using ExaVault
    • Users
      • SSH Key Authentication
        • Creating an SSH Key on Windows
        • Creating an SSH Key on Linux
        • Creating an SSH Key on macOS
      • Export List of Users and Groups
      • Two-Factor Authentication (2FA)
      • Single Sign On (SSO), SAML, SCIM
    • Links (Share Links)
    • Notifications
    • Ciphers
    • Customizing Your Site
      • Login Page
      • Contact Information
      • Custom CSS
      • Custom Terms of Use Agreement
  • Connection Methods
    • SFTP
      • Supported SSH Ciphers
      • Maximizing SFTP Performance
      • Command Line SFTP Examples
      • Troubleshooting SFTP
    • FTP and FTPS
      • Troubleshooting FTP
    • WebDAV
  • Administration Tasks
    • Restarting the Appliance
    • Logging
    • License Keys
    • Installing or Updating SSL Certificate
    • Increasing Available Storage
    • Deleting Old Activity
    • Deleting Old Quotas
    • Appliance Manager Password Reset
    • Sending Email
  • Premium Features
  • Migrating to Files.com Cloud
    • Migration Process Overview
    • Technical Enablement Steps
    • Regional Considerations
  • HyperPrivacy Mode
    • User Home Folders
    • User Deletions
    • Sharing
    • Retention Rules
    • Trash Can
Powered by GitBook

©2023 Orange Platform LLC dba ExaVault. All rights reserved.

On this page
  • Inbound Traffic (Public Internet) Port Requirements
  • Inbound Traffic (Internal Network) Port Requirements
  • Outbound Traffic Port Requirements
  1. Installing & Upgrading The Appliance

Firewall Configuration

We strongly recommend that the ExaVault virtual appliance be deployed behind a firewall. This guide provides guidance for how to configure the ports to open on your firewall.

The ExaVault appliance must have at least some inbound and outbound connectivity to the public Internet, and that is detailed on this page as well.

Refer to the tables below when configuring your firewall for the list of ports which need to be opened.

Inbound Traffic (Public Internet) Port Requirements

Port

Description

ICMPv4

Used for verifying the server is up and accessible.

80

Used for non secure web GUI access to the application. Does not need to be made available publicly.

443

Used for secure Web GUI access to the application. Does not need to be made available publicly. Also used by the API.

21

Used for FTP access to the appliance. Does not need to be open if the FTP service is not used externally.

22

User for SFTP access to the appliance. Does not need to be open if the SFTP service is not used externally.

990

Used for FTPS access to the appliance. Does not need to be open if the FTPS service is not used Externally.

40000-49999

Used for FTP/FTPS data channels to the appliance. Does not need to be open if neither the FTP nor FTPS services are used Externally. Note: Currently only a subset of this range is used by the appliance, but we recommend opening the entire range because we will be expanding the range in future versions.

Inbound Traffic (Internal Network) Port Requirements

Port

Description

Required

ICMPv4

Used for verifying the server is up and accessible.

YES

80

Redirects to HTTPS port 443

YES

443

Used for secure Web GUI access to the application. Does not need to be made available publicly. Also used by the API.

YES

21

Used for FTP access to the appliance. Does not need to be open if the FTP service is not used externally.

NO

22

User for SFTP access to the appliance. Does not need to be open if the SFTP service is not used externally.

NO

990

Used for FTPS access to the appliance. Does not need to be open if the FTPS service is not used Externally.

NO

10022

Used for support sessions to the appliance. ( for support sessions SSH access is required running on port 10022 )

YES*

9002

Used to access the appliance manager web GUI ( for setup and management of the appliance )

YES*

40000-49999

FTP Passive Ports

NO

* These ports are needed for administering the system and should be locked down at the firewall.

Outbound Traffic Port Requirements

Port

Description

Required

80

Used to download updates from our servers

YES

443

Used to download updates from our servers

YES

53

DNS services to resolve names for updates

YES

PreviousSystem RequirementsNextInstallation & Setup

Last updated 3 months ago